d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.

Browse Source 
(based on freebsd4-snap-20020128)

Reviewed by:	ume
MFC after:	1 week
This commit is contained in:
suz 2002-04-19 04:46:24 +00:00
parent 94c9a46e4a
commit 1646c3c0d2
75 changed files with 644 additions and 573 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/libc/net/getaddrinfo.3
View File

@ -1,5 +1,5 @@
.\" $FreeBSD$
.\" $KAME: getaddrinfo.3,v 1.22 2000/08/09 21:16:17 itojun Exp $
.\" $KAME: getaddrinfo.3,v 1.31 2001/08/05 18:19:38 itojun Exp $
.\"
.\" Copyright (c) 1983, 1987, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@ -573,6 +573,7 @@ indicate an unknown error.
.Xr getnameinfo 3 ,
.Xr getservbyname 3 ,
.Xr hosts 5 ,
.Xr resolv.conf 5 ,
.Xr services 5 ,
.Xr hostname 7 ,
.Xr named 8

2
lib/libc/net/ifname.c
View File

@ -1,3 +1,5 @@
/* $KAME: ifname.c,v 1.4 2001/08/20 02:32:40 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.

2
lib/libc/net/inet_addr.c
View File

@ -1,3 +1,5 @@
/* $KAME: inet_addr.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */
/*
* ++Copyright++ 1983, 1990, 1993
* -

2
lib/libc/net/inet_pton.c
View File

@ -1,3 +1,5 @@
/* $KAME: inet_pton.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */
/* Copyright (c) 1996 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any

22
lib/libc/net/rthdr.c
View File

@ -1,3 +1,5 @@
/* $KAME: rthdr.c,v 1.8 2001/08/20 02:32:40 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
@ -226,9 +228,9 @@ inet6_rthdr_segments(cmsg)
}
struct in6_addr *
inet6_rthdr_getaddr(cmsg, index)
inet6_rthdr_getaddr(cmsg, idx)
struct cmsghdr *cmsg;
int index;
int idx;
{
struct ip6_rthdr *rthdr;
@ -248,13 +250,13 @@ inet6_rthdr_getaddr(cmsg, index)
return NULL;
}
naddr = (rt0->ip6r0_len * 8) / sizeof(struct in6_addr);
if (index <= 0 || naddr < index) {
if (idx <= 0 || naddr < idx) {
#ifdef DEBUG
fprintf(stderr, "inet6_rthdr_getaddr: invalid index(%d)\n", index);
fprintf(stderr, "inet6_rthdr_getaddr: invalid idx(%d)\n", idx);
#endif
return NULL;
}
return &rt0->ip6r0_addr[index - 1];
return &rt0->ip6r0_addr[idx - 1];
}
default:
@ -267,9 +269,9 @@ inet6_rthdr_getaddr(cmsg, index)
}
int
inet6_rthdr_getflags(cmsg, index)
inet6_rthdr_getflags(cmsg, idx)
const struct cmsghdr *cmsg;
int index;
int idx;
{
struct ip6_rthdr *rthdr;
@ -289,13 +291,13 @@ inet6_rthdr_getflags(cmsg, index)
return -1;
}
naddr = (rt0->ip6r0_len * 8) / sizeof(struct in6_addr);
if (index < 0 || naddr < index) {
if (idx < 0 || naddr < idx) {
#ifdef DEBUG
fprintf(stderr, "inet6_rthdr_getflags: invalid index(%d)\n", index);
fprintf(stderr, "inet6_rthdr_getflags: invalid idx(%d)\n", idx);
#endif
return -1;
}
if (rt0->ip6r0_slmap[index / 8] & (0x80 >> (index % 8)))
if (rt0->ip6r0_slmap[idx / 8] & (0x80 >> (idx % 8)))
return IPV6_RTHDR_STRICT;
else
return IPV6_RTHDR_LOOSE;

2
lib/libc/net/vars.c
View File

@ -1,3 +1,5 @@
/* $KAME: vars.c,v 1.2 2001/08/20 02:32:41 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.

4
lib/libipsec/ipsec_set_policy.3
View File

@ -1,4 +1,4 @@
.\" $KAME: ipsec_set_policy.3,v 1.14 2001/04/06 07:00:46 itojun Exp $
.\" $KAME: ipsec_set_policy.3,v 1.15 2001/08/17 07:21:36 itojun Exp $
.\" $FreeBSD$
.\"
.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
@ -62,6 +62,8 @@ of
.Fa policy .
.Fn ipsec_set_policy
will return the buffer of IPsec policy specification structure.
The buffer is dynamically allocated, and must be freed by the caller by calling
.Xr free 3 .
.Pp
You may want the length of the generated buffer such when calling
.Xr setsockopt 2 .

5
lib/libipsec/ipsec_strerror.3
View File

@ -1,4 +1,4 @@
.\" $KAME: ipsec_strerror.3,v 1.8 2000/11/20 00:35:14 sakane Exp $
.\" $KAME: ipsec_strerror.3,v 1.9 2001/08/17 07:21:36 itojun Exp $
.\" $FreeBSD$
.\"
.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
@ -80,3 +80,6 @@ first appeared in WIDE/KAME IPv6 protocol stack kit.
.Sh BUGS
.Fn ipsec_strerror
will return its result which may be overwritten by subsequent calls.
.Pp
.Va ipsec_errcode
is not thread safe.

31
sbin/ip6fw/ip6fw.8
View File

@ -1,6 +1,35 @@
.\"
.\" $FreeBSD$
.\"
.\" $KAME$
.\"
.\" Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the project nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd March 13, 2000
.Dt IP6FW 8
.Os
@ -494,7 +523,7 @@ from being forwarded by the host:
This one disallows any connection from the entire hackers network to
my host:
.Pp
.Dl ip6fw addf deny all from fec0::123:45:67:0/112 to my.host.org
.Dl ip6fw add deny all from fec0::123:45:67:0/112 to my.host.org
.Pp
Here is a good usage of the list command to see accounting records
and timestamp information:

31
sbin/ip6fw/ip6fw.c
View File

@ -1,3 +1,34 @@
/* $KAME: ip6fw.c,v 1.13 2001/06/22 05:51:16 itojun Exp $ */
/*
* Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp
* Copyright (c) 1994 Ugen J.S.Antsilevich

2
sys/crypto/des/podd.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: podd.h,v 1.3 2000/03/27 04:36:34 sumikawa Exp $ */
/* $KAME: podd.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/podd.h */
/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)

2
sys/crypto/des/sk.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: sk.h,v 1.3 2000/03/27 04:36:34 sumikawa Exp $ */
/* $KAME: sk.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/sk.h */
/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)

2
sys/kern/uipc_mbuf2.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: uipc_mbuf2.c,v 1.29 2001/02/14 13:42:10 itojun Exp $ */
/* $KAME: uipc_mbuf2.c,v 1.31 2001/11/28 11:08:53 itojun Exp $ */
/* $NetBSD: uipc_mbuf.c,v 1.40 1999/04/01 00:23:25 thorpej Exp $ */
/*

2
sys/net/if.c
View File

@ -1486,7 +1486,7 @@ ifioctl(so, cmd, data, td)
if ((oif_flags ^ ifp->if_flags) & IFF_UP) {
#ifdef INET6
DELAY(100);/* XXX: temporal workaround for fxp issue*/
DELAY(100);/* XXX: temporary workaround for fxp issue*/
if (ifp->if_flags & IFF_UP) {
int s = splimp();
in6_if_up(ifp);

2
sys/net/if_faith.c
View File

@ -1,4 +1,4 @@
/* $KAME: if_faith.c,v 1.21 2001/02/20 07:59:26 itojun Exp $ */
/* $KAME: if_faith.c,v 1.23 2001/12/17 13:55:29 sumikawa Exp $ */
/*
* Copyright (c) 1982, 1986, 1993

13
sys/net/if_gif.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: if_gif.c,v 1.47 2001/05/01 05:28:42 itojun Exp $ */
/* $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -129,7 +129,7 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0,
* Since, setting a large value to this macro with a careless configuration
* may introduce system crash, we don't allow any nestings by default.
* If you need to configure nested gif tunnels, you can define this macro
* in your kernel configuration file. However, if you do so, please be
* in your kernel configuration file. However, if you do so, please be
* careful to configure the tunnels so that it won't make a loop.
*/
#define MAX_GIF_NEST 1
@ -459,13 +459,12 @@ gif_input(m, af, gifp)
* Put the packet to the network layer input queue according to the
* specified address family.
* Note: older versions of gif_input directly called network layer
* input functions, e.g. ip6_input, here. We changed the policy to
* input functions, e.g. ip6_input, here. We changed the policy to
* prevent too many recursive calls of such input functions, which
* might cause kernel panic. But the change may introduce another
* might cause kernel panic. But the change may introduce another
* problem; if the input queue is full, packets are discarded.
* We believed it rarely occurs and changed the policy. If we find
* it occurs more times than we thought, we may change the policy
* again.
* The kernel stack overflow really happened, and we believed
* queue-full rarely occurs, so we changed the policy.
*/
switch (af) {
#ifdef INET

2
sys/net/if_stf.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: if_stf.c,v 1.62 2001/06/07 22:32:16 itojun Exp $ */
/* $KAME: if_stf.c,v 1.73 2001/12/03 11:08:30 keiichi Exp $ */
/*
* Copyright (C) 2000 WIDE Project.

2
sys/net/if_stf.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: if_stf.h,v 1.3 2000/03/25 07:23:33 sumikawa Exp $ */
/* $KAME: if_stf.h,v 1.5 2001/10/12 10:09:17 keiichi Exp $ */
/*
* Copyright (C) 2000 WIDE Project.

2
sys/net/net_osdep.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: net_osdep.c,v 1.10 2001/07/26 19:08:37 itojun Exp $ */
/* $KAME: net_osdep.c,v 1.9 2001/04/06 09:22:05 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

75
sys/net/net_osdep.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: net_osdep.h,v 1.44 2001/05/16 03:13:40 jinmei Exp $ */
/* $KAME: net_osdep.h,v 1.68 2001/12/21 08:14:58 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -35,16 +35,28 @@
/*
* OS dependencies:
* - ioctl
* FreeBSD 3 and later warn when sys/ioctl.h is included in a kernel source
* file. For socket ioctl, we are suggested to use sys/sockio.h.
*
* - RTFREE()
* bsdi does not escape this macro using do-clause, so it is recommended
* to escape the macro explicitly.
* e.g.
* if (rt) {
* RTFREE(rt);
* }
*
* - whether the IPv4 input routine convert the byte order of some fileds
* of the IP header (x: convert to the host byte order, s: strip the header
* length for possible reassembly)
* ip_len ip_id ip_off
* bsdi3: xs x x
* bsdi4: xs x
* FreeBSD: xs x
* NetBSD: x x
* OpenBSD: xs x x
* ip_len ip_id ip_off
* bsdi3: xs x x
* bsdi4: xs x
* freebsd[23]: xs x x
* freebsd4: xs x
* NetBSD: x x
* OpenBSD: xs x x
*
* - ifa_ifwithaf()
* bsdi[34], netbsd, and openbsd define it in sys/net/if.c
@ -131,6 +143,14 @@
* OpenBSD 2.8
* timeout_{add,set,del} is encouraged (sys/timeout.h)
*
* - kernel internal time structure
* FreeBSD 2, NetBSD, OpenBSD, BSD/OS
* mono_time.tv_u?sec, time.tv_u?sec
* FreeBSD [34]
* time_second
* if you need portability, #ifdef out FreeBSD[34], or use microtime(&tv)
* then touch tv.tv_sec (note: microtime is an expensive operation).
*
* - sysctl
* NetBSD, OpenBSD
* foo_sysctl()
@ -167,12 +187,16 @@
*
* - ovbcopy()
* in NetBSD 1.4 or later, ovbcopy() is not supplied in the kernel.
* bcopy() is safe against overwrites.
* we have updated sys/systm.h to include declaration.
*
* - splnet()
* NetBSD 1.4 or later requires splsoftnet().
* other operating systems use splnet().
*
* - splimp()
* NetBSD-current (2001/4/13): use splnet() in network, splvm() in vm.
* other operating systems: use splimp().
*
* - dtom()
* NEVER USE IT!
*
@ -231,7 +255,40 @@
* others: do not increase refcnt for ifp->if_addrlist and in_ifaddr.
* use IFAFREE once when ifaddr is disconnected from
* ifp->if_addrlist and in_ifaddr. IFAFREE frees ifaddr when
* ifa_refcnt goes negative.
* ifa_refcnt goes negative. in KAME environment, IFAREF is
* provided as a compatibility wrapper (use it instead of
* ifa_refcnt++ to reduce #ifdef).
*
* - ifnet.if_lastchange
* freebsd, bsdi, netbsd-current (jun 14 2001-),
* openbsd-current (jun 15 2001-): updated only when IFF_UP changes.
* (RFC1573 ifLastChange interpretation)
* netbsd151, openbsd29: updated whenever packets go through the interface.
* (4.4BSD interpretation)
*
* - kernel compilation options ("options HOGE" in kernel config file)
* freebsd4: sys/conf/options has to have mapping between option
* and a header file (opt_hoge.h).
* netbsd: by default, -DHOGE will go into
* sys/arch/foo/compile/BAR/Makefile.
* if you define mapping in sys/conf/files, you can create
* a header file like opt_hoge.h to help make dependencies.
* bsdi/openbsd: always use -DHOGE in Makefile. there's no need/way
* to have opt_hoge.h.
*
* therefore, opt_hoge.h is mandatory on freebsd4 only.
*
* - MALLOC() macro
* Use it only if the size of the allocation is constant.
* When we do NOT collect statistics about kernel memory usage, the result
* of macro expansion contains a large set of condition branches. If the
* size is not constant, compilation optimization cannot be applied, and
* a bunch of the large branch will be embedded in the kernel code.
*
* - M_COPY_PKTHDR
* openbsd30: M_COPY_PKTHDR is deprecated. use M_MOVE_PKTHDR or
* M_DUP_PKTHDR, depending on how you want to handle m_tag.
* others: M_COPY_PKTHDR is available as usual.
*/
#ifndef __NET_NET_OSDEP_H_DEFINED_

2
sys/net/radix.c
View File

@ -673,7 +673,7 @@ rn_addroute(v_arg, n_arg, head, treenodes)
mmask = m->rm_leaf->rn_mask;
if (tt->rn_flags & RNF_NORMAL) {
log(LOG_ERR,
"Non-unique normal route, mask not entered");
"Non-unique normal route, mask not entered\n");
return tt;
}
} else

8
sys/netinet/icmp6.h
View File

@ -312,7 +312,7 @@ struct nd_opt_route_info { /* route info */
u_int8_t nd_opt_rti_prefixlen;
u_int8_t nd_opt_rti_flags;
u_int32_t nd_opt_rti_lifetime;
/* followed by prefix */
/* prefix follows */
} __attribute__((__packed__));
/*
@ -541,7 +541,11 @@ struct icmp6stat {
u_quad_t icp6s_tooshort; /* packet < sizeof(struct icmp6_hdr) */
u_quad_t icp6s_checksum; /* bad checksum */
u_quad_t icp6s_badlen; /* calculated bound mismatch */
u_quad_t icp6s_reflect; /* number of responses */
/*
* number of responses: this member is inherited from netinet code, but
* for netinet6 code, it is already available in icp6s_outhist[].
*/
u_quad_t icp6s_reflect;
u_quad_t icp6s_inhist[256];
u_quad_t icp6s_nd_toomanyopt; /* too many ND options */
struct icmp6errstat icp6s_outerrhist;

6
sys/netinet/in_gif.c
View File

@ -111,7 +111,7 @@ in_gif_output(ifp, family, m, rt)
tos = ip->ip_tos;
break;
}
#endif /*INET*/
#endif /* INET */
#ifdef INET6
case AF_INET6:
{
@ -126,7 +126,7 @@ in_gif_output(ifp, family, m, rt)
tos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
break;
}
#endif /*INET6*/
#endif /* INET6 */
default:
#ifdef DEBUG
printf("in_gif_output: warning: unknown family %d passed\n",
@ -189,7 +189,7 @@ in_gif_output(ifp, family, m, rt)
/* if it constitutes infinite encapsulation, punt. */
if (sc->gif_ro.ro_rt->rt_ifp == ifp) {
m_freem(m);
return ENETUNREACH; /*XXX*/
return ENETUNREACH; /* XXX */
}
#if 0
ifp->if_mtu = sc->gif_ro.ro_rt->rt_ifp->if_mtu

3
sys/netinet/ip_encap.c
View File

@ -40,7 +40,8 @@
* RFC2473 IPv6 generic packet tunnelling
* RFC2529 6over4 tunnel
* mobile-ip6 (uses RFC2473)
* 6to4 tunnel
* RFC3056 6to4 tunnel
* isatap tunnel
* Here's a list of protocol that want protocol #4:
* RFC1853 IPv4-in-IPv4 tunnelling
* RFC2003 IPv4 encapsulation within IPv4

2
sys/netinet/tcp_input.c
View File

@ -497,6 +497,8 @@ tcp_input(m, off0)
* Because ip6_savecontrol() is going to parse the mbuf to
* search for data to be passed up to user-land, it wants mbuf
* parameters to be unchanged.
* XXX: the call of ip6_savecontrol() has been obsoleted based on
* latest version of the advanced API (20020110).
*/
drop_hdrlen = off0 + off;

2
sys/netinet/tcp_reass.c
View File

@ -497,6 +497,8 @@ tcp_input(m, off0)
* Because ip6_savecontrol() is going to parse the mbuf to
* search for data to be passed up to user-land, it wants mbuf
* parameters to be unchanged.
* XXX: the call of ip6_savecontrol() has been obsoleted based on
* latest version of the advanced API (20020110).
*/
drop_hdrlen = off0 + off;

8
sys/netinet6/ah.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ah.h,v 1.13 2000/10/18 21:28:00 itojun Exp $ */
/* $KAME: ah.h,v 1.16 2001/09/04 08:43:19 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -63,7 +63,7 @@ struct secasvar;
struct ah_algorithm_state {
struct secasvar *sav;
void* foo; /*per algorithm data - maybe*/
void* foo; /* per algorithm data - maybe */
};
struct ah_algorithm {
@ -89,6 +89,6 @@ extern void ah4_input __P((struct mbuf *, int));
extern int ah4_output __P((struct mbuf *, struct ipsecrequest *));
extern int ah4_calccksum __P((struct mbuf *, caddr_t, size_t,
const struct ah_algorithm *, struct secasvar *));
#endif /*_KERNEL*/
#endif /* _KERNEL */
#endif /*_NETINET6_AH_H_*/
#endif /* _NETINET6_AH_H_ */

8
sys/netinet6/ah_core.c
View File

@ -1157,7 +1157,7 @@ ah_update_mbuf(m, off, len, algo, algos)
if (!n)
panic("ah_update_mbuf: wrong offset specified");
for (/*nothing*/; n && len > 0; n = n->m_next) {
for (/* nothing */; n && len > 0; n = n->m_next) {
if (n->m_len == 0)
continue;
if (n->m_len - off < len)
@ -1201,7 +1201,7 @@ ah4_calccksum(m, ahdat, len, algo, sav)
return EINVAL;
ahseen = 0;
hdrtype = -1; /*dummy, it is called IPPROTO_IP*/
hdrtype = -1; /* dummy, it is called IPPROTO_IP */
off = 0;
@ -1209,12 +1209,12 @@ ah4_calccksum(m, ahdat, len, algo, sav)
if (error)
return error;
advancewidth = 0; /*safety*/
advancewidth = 0; /* safety */
again:
/* gory. */
switch (hdrtype) {
case -1: /*first one only*/
case -1: /* first one only */
{
/*
* copy ip hdr, modify to fit the AH checksum rule,

34
sys/netinet6/ah_input.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ah_input.c,v 1.59 2001/05/16 04:01:27 jinmei Exp $ */
/* $KAME: ah_input.c,v 1.67 2002/01/07 11:39:56 kjc Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -256,7 +256,7 @@ ah4_input(m, off)
*/
if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) {
if (ipsec_chkreplay(ntohl(((struct newah *)ah)->ah_seq), sav))
; /*okey*/
; /* okey */
else {
ipsecstat.in_ahreplay++;
ipseclog((LOG_WARNING,
@ -356,8 +356,8 @@ ah4_input(m, off)
m->m_flags &= ~M_AUTHIPHDR;
m->m_flags &= ~M_AUTHIPDGM;
}
#endif /*INET6*/
#endif /*0*/
#endif /* INET6 */
#endif /* 0 */
if (m->m_flags & M_AUTHIPHDR
&& m->m_flags & M_AUTHIPDGM) {
@ -423,14 +423,6 @@ ah4_input(m, off)
goto fail;
}
#if 0 /* XXX should we call ipfw rather than ipsec_in_reject? */
/* drop it if it does not match the default policy */
if (ipsec4_in_reject(m, NULL)) {
ipsecstat.in_polvio++;
goto fail;
}
#endif
#if 1
/*
* Should the inner packet be considered authentic?
@ -468,7 +460,7 @@ ah4_input(m, off)
goto fail;
}
m = NULL;
schednetisr(NETISR_IP); /*can be skipped but to make sure*/
schednetisr(NETISR_IP); /* can be skipped but to make sure */
nxt = IPPROTO_DONE;
} else {
/*
@ -601,7 +593,7 @@ ah6_input(mp, offp, proto)
ip6 = mtod(m, struct ip6_hdr *);
nxt = ah->ah_nxt;
/* find the sassoc. */
/* find the sassoc. */
spi = ah->ah_spi;
if (ntohs(ip6->ip6_plen) == 0) {
@ -690,7 +682,7 @@ ah6_input(mp, offp, proto)
*/
if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) {
if (ipsec_chkreplay(ntohl(((struct newah *)ah)->ah_seq), sav))
; /*okey*/
; /* okey */
else {
ipsec6stat.in_ahreplay++;
ipseclog((LOG_WARNING,
@ -816,7 +808,7 @@ ah6_input(mp, offp, proto)
* XXX more sanity checks
* XXX relationship with gif?
*/
u_int32_t flowinfo; /*net endian*/
u_int32_t flowinfo; /* net endian */
flowinfo = ip6->ip6_flow;
m_adj(m, off + stripsiz);
@ -844,14 +836,6 @@ ah6_input(mp, offp, proto)
goto fail;
}
#if 0 /* XXX should we call ipfw rather than ipsec_in_reject? */
/* drop it if it does not match the default policy */
if (ipsec6_in_reject(m, NULL)) {
ipsec6stat.in_polvio++;
goto fail;
}
#endif
#if 1
/*
* should the inner packet be considered authentic?
@ -874,7 +858,7 @@ ah6_input(mp, offp, proto)
goto fail;
}
m = NULL;
schednetisr(NETISR_IPV6); /*can be skipped but to make sure*/
schednetisr(NETISR_IPV6); /* can be skipped but to make sure */
nxt = IPPROTO_DONE;
} else {
/*

22
sys/netinet6/ah_output.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ah_output.c,v 1.30 2001/02/21 00:50:53 itojun Exp $ */
/* $KAME: ah_output.c,v 1.31 2001/07/26 06:53:15 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -151,9 +151,9 @@ ah4_output(m, isr)
u_int32_t spi;
u_char *ahdrpos;
u_char *ahsumpos = NULL;
size_t hlen = 0; /*IP header+option in bytes*/
size_t plen = 0; /*AH payload size in bytes*/
size_t ahlen = 0; /*plen + sizeof(ah)*/
size_t hlen = 0; /* IP header+option in bytes */
size_t plen = 0; /* AH payload size in bytes */
size_t ahlen = 0; /* plen + sizeof(ah) */
struct ip *ip;
struct in_addr dst;
struct in_addr *finaldst;
@ -189,11 +189,11 @@ ah4_output(m, isr)
*/
if (sav->flags & SADB_X_EXT_OLD) {
/* RFC 1826 */
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */
ahlen = plen + sizeof(struct ah);
} else {
/* RFC 2402 */
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */
ahlen = plen + sizeof(struct newah);
}
@ -230,7 +230,7 @@ ah4_output(m, isr)
ahdrpos = mtod(m->m_next, u_char *);
}
ip = mtod(m, struct ip *); /*just to be sure*/
ip = mtod(m, struct ip *); /* just to be sure */
/*
* initialize AH.
@ -315,7 +315,7 @@ ah4_output(m, isr)
}
if (finaldst) {
ip = mtod(m, struct ip *); /*just to make sure*/
ip = mtod(m, struct ip *); /* just to make sure */
ip->ip_dst.s_addr = dst.s_addr;
}
ipsecstat.out_success++;
@ -339,11 +339,11 @@ ah_hdrlen(sav)
return 0;
if (sav->flags & SADB_X_EXT_OLD) {
/* RFC 1826 */
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */
ahlen = plen + sizeof(struct ah);
} else {
/* RFC 2402 */
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/
plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */
ahlen = plen + sizeof(struct newah);
}
@ -367,7 +367,7 @@ ah6_output(m, nexthdrp, md, isr)
const struct ah_algorithm *algo;
u_int32_t spi;
u_char *ahsumpos = NULL;
size_t plen; /*AH payload size in bytes*/
size_t plen; /* AH payload size in bytes */
int error = 0;
int ahlen;
struct ip6_hdr *ip6;

2
sys/netinet6/dest6.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: dest6.c,v 1.27 2001/03/29 05:34:30 itojun Exp $ */
/* $KAME: dest6.c,v 1.34 2002/01/08 02:40:55 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

34
sys/netinet6/esp.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: esp.h,v 1.16 2000/10/18 21:28:00 itojun Exp $ */
/* $KAME: esp.h,v 1.19 2001/09/04 08:43:19 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -43,30 +43,30 @@
struct esp {
u_int32_t esp_spi; /* ESP */
/*variable size, 32bit bound*/ /* Initialization Vector */
/*variable size*/ /* Payload data */
/*variable size*/ /* padding */
/*8bit*/ /* pad size */
/*8bit*/ /* next header */
/*8bit*/ /* next header */
/*variable size, 32bit bound*/ /* Authentication data (new IPsec) */
/* variable size, 32bit bound */ /* Initialization Vector */
/* variable size */ /* Payload data */
/* variable size */ /* padding */
/* 8bit */ /* pad size */
/* 8bit */ /* next header */
/* 8bit */ /* next header */
/* variable size, 32bit bound */ /* Authentication data (new IPsec) */
};
struct newesp {
u_int32_t esp_spi; /* ESP */
u_int32_t esp_seq; /* Sequence number */
/*variable size*/ /* (IV and) Payload data */
/*variable size*/ /* padding */
/*8bit*/ /* pad size */
/*8bit*/ /* next header */
/*8bit*/ /* next header */
/*variable size, 32bit bound*/ /* Authentication data */
/* variable size */ /* (IV and) Payload data */
/* variable size */ /* padding */
/* 8bit */ /* pad size */
/* 8bit */ /* next header */
/* 8bit */ /* next header */
/* variable size, 32bit bound *//* Authentication data */
};
struct esptail {
u_int8_t esp_padlen; /* pad length */
u_int8_t esp_nxt; /* Next header */
/*variable size, 32bit bound*/ /* Authentication data (new IPsec)*/
/* variable size, 32bit bound *//* Authentication data (new IPsec)*/
};
#ifdef _KERNEL
@ -104,6 +104,6 @@ extern size_t esp_hdrsiz __P((struct ipsecrequest *));
extern int esp_schedule __P((const struct esp_algorithm *, struct secasvar *));
extern int esp_auth __P((struct mbuf *, size_t, size_t,
struct secasvar *, u_char *));
#endif /*_KERNEL*/
#endif /* _KERNEL */
#endif /*_NETINET6_ESP_H_*/
#endif /* _NETINET6_ESP_H_ */

36
sys/netinet6/esp_input.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: esp_input.c,v 1.55 2001/03/23 08:08:47 itojun Exp $ */
/* $KAME: esp_input.c,v 1.62 2002/01/07 11:39:57 kjc Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -197,7 +197,7 @@ esp4_input(m, off)
* check for sequence number.
*/
if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav))
; /*okey*/
; /* okey */
else {
ipsecstat.in_espreplay++;
ipseclog((LOG_WARNING,
@ -328,7 +328,7 @@ esp4_input(m, off)
taillen = esptail.esp_padlen + sizeof(esptail);
if (m->m_pkthdr.len < taillen
|| m->m_pkthdr.len - taillen < hlen) { /*?*/
|| m->m_pkthdr.len - taillen < hlen) { /* ? */
ipseclog((LOG_WARNING,
"bad pad length in IPv4 ESP input: %s %s\n",
ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
@ -377,14 +377,6 @@ esp4_input(m, off)
goto bad;
}
#if 0 /* XXX should call ipfw rather than ipsec_in_reject, shouldn't it ? */
/* drop it if it does not match the default policy */
if (ipsec4_in_reject(m, NULL)) {
ipsecstat.in_polvio++;
goto bad;
}
#endif
key_sa_recordxfer(sav, m);
if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 ||
ipsec_addhist(m, IPPROTO_IPV4, 0) != 0) {
@ -398,7 +390,7 @@ esp4_input(m, off)
goto bad;
}
m = NULL;
schednetisr(NETISR_IP); /*can be skipped but to make sure*/
schednetisr(NETISR_IP); /* can be skipped but to make sure */
nxt = IPPROTO_DONE;
} else {
/*
@ -560,7 +552,7 @@ esp6_input(mp, offp, proto)
* check for sequence number.
*/
if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav))
; /*okey*/
; /* okey */
else {
ipsec6stat.in_espreplay++;
ipseclog((LOG_WARNING,
@ -645,7 +637,7 @@ esp6_input(mp, offp, proto)
}
#ifndef PULLDOWN_TEST
IP6_EXTHDR_CHECK(m, off, esplen + ivlen, IPPROTO_DONE); /*XXX*/
IP6_EXTHDR_CHECK(m, off, esplen + ivlen, IPPROTO_DONE); /* XXX */
#else
IP6_EXTHDR_GET(esp, struct esp *, m, off, esplen + ivlen);
if (esp == NULL) {
@ -654,7 +646,7 @@ esp6_input(mp, offp, proto)
goto bad;
}
#endif
ip6 = mtod(m, struct ip6_hdr *); /*set it again just in case*/
ip6 = mtod(m, struct ip6_hdr *); /* set it again just in case */
/*
* pre-compute and cache intermediate key
@ -690,7 +682,7 @@ esp6_input(mp, offp, proto)
taillen = esptail.esp_padlen + sizeof(esptail);
if (m->m_pkthdr.len < taillen
|| m->m_pkthdr.len - taillen < sizeof(struct ip6_hdr)) { /*?*/
|| m->m_pkthdr.len - taillen < sizeof(struct ip6_hdr)) { /* ? */
ipseclog((LOG_WARNING,
"bad pad length in IPv6 ESP input: %s %s\n",
ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
@ -712,7 +704,7 @@ esp6_input(mp, offp, proto)
* XXX more sanity checks
* XXX relationship with gif?
*/
u_int32_t flowinfo; /*net endian*/
u_int32_t flowinfo; /* net endian */
flowinfo = ip6->ip6_flow;
m_adj(m, off + esplen + ivlen);
if (m->m_len < sizeof(*ip6)) {
@ -743,14 +735,6 @@ esp6_input(mp, offp, proto)
goto bad;
}
#if 0 /* XXX should call ipfw rather than ipsec_in_reject, shouldn't it ? */
/* drop it if it does not match the default policy */
if (ipsec6_in_reject(m, NULL)) {
ipsec6stat.in_polvio++;
goto bad;
}
#endif
key_sa_recordxfer(sav, m);
if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 ||
ipsec_addhist(m, IPPROTO_IPV6, 0) != 0) {
@ -764,7 +748,7 @@ esp6_input(mp, offp, proto)
goto bad;
}
m = NULL;
schednetisr(NETISR_IPV6); /*can be skipped but to make sure*/
schednetisr(NETISR_IPV6); /* can be skipped but to make sure */
nxt = IPPROTO_DONE;
} else {
/*

20
sys/netinet6/esp_output.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: esp_output.c,v 1.43 2001/03/01 07:10:45 itojun Exp $ */
/* $KAME: esp_output.c,v 1.44 2001/07/26 06:53:15 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -189,7 +189,7 @@ esp_output(m, nexthdrp, md, isr, af)
const struct esp_algorithm *algo;
u_int32_t spi;
u_int8_t nxt = 0;
size_t plen; /*payload length to be encrypted*/
size_t plen; /* payload length to be encrypted */
size_t espoff;
int ivlen;
int afnumber;
@ -232,7 +232,7 @@ esp_output(m, nexthdrp, md, isr, af)
ipsecstat.out_inval++;
break;
}
#endif /*INET*/
#endif /* INET */
#ifdef INET6
case AF_INET6:
ipseclog((LOG_DEBUG, "esp6_output: internal error: "
@ -240,7 +240,7 @@ esp_output(m, nexthdrp, md, isr, af)
(u_int32_t)ntohl(sav->spi)));
ipsec6stat.out_inval++;
break;
#endif /*INET6*/
#endif /* INET6 */
default:
panic("esp_output: should not reach here");
}
@ -275,9 +275,9 @@ esp_output(m, nexthdrp, md, isr, af)
#ifdef INET6
struct ip6_hdr *ip6 = NULL;
#endif
size_t esplen; /*sizeof(struct esp/newesp)*/
size_t esphlen; /*sizeof(struct esp/newesp) + ivlen*/
size_t hlen = 0; /*ip header len*/
size_t esplen; /* sizeof(struct esp/newesp) */
size_t esphlen; /* sizeof(struct esp/newesp) + ivlen */
size_t hlen = 0; /* ip header len */
if (sav->flags & SADB_X_EXT_OLD) {
/* RFC 1827 */
@ -617,7 +617,7 @@ esp_output(m, nexthdrp, md, isr, af)
while (n->m_next)
n = n->m_next;
if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /*XXX*/
if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /* XXX */
n->m_len += siz;
m->m_pkthdr.len += siz;
p = mtod(n, u_char *) + n->m_len - siz;
@ -700,7 +700,7 @@ esp4_output(m, isr)
/* XXX assumes that m->m_next points to payload */
return esp_output(m, &ip->ip_p, m->m_next, isr, AF_INET);
}
#endif /*INET*/
#endif /* INET */
#ifdef INET6
int
@ -717,4 +717,4 @@ esp6_output(m, nexthdrp, md, isr)
}
return esp_output(m, nexthdrp, md, isr, AF_INET6);
}
#endif /*INET6*/
#endif /* INET6 */

2
sys/netinet6/frag6.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: frag6.c,v 1.31 2001/05/17 13:45:34 jinmei Exp $ */
/* $KAME: frag6.c,v 1.33 2002/01/07 11:34:48 kjc Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

39
sys/netinet6/icmp6.c
View File

@ -368,7 +368,7 @@ icmp6_error(m, type, code, param)
m->m_pkthdr.rcvif = NULL;
icmp6stat.icp6s_outhist[type]++;
icmp6_reflect(m, sizeof(struct ip6_hdr)); /*header order: IPv6 - ICMPv6*/
icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */
return;
@ -396,7 +396,7 @@ icmp6_input(mp, offp, proto)
#ifndef PULLDOWN_TEST
IP6_EXTHDR_CHECK(m, off, sizeof(struct icmp6_hdr), IPPROTO_DONE);
/* m might change if M_LOOP. So, call mtod after this */
/* m might change if M_LOOP. So, call mtod after this */
#endif
/*
@ -629,7 +629,7 @@ icmp6_input(mp, offp, proto)
case MLD6_MTRACE_RESP:
case MLD6_MTRACE:
/* XXX: these two are experimental. not officially defind. */
/* XXX: these two are experimental. not officially defind. */
/* XXX: per-interface statistics? */
break; /* just pass it to applications */
@ -698,9 +698,9 @@ icmp6_input(mp, offp, proto)
bcopy(icmp6, nicmp6, sizeof(struct icmp6_hdr));
p = (u_char *)(nicmp6 + 1);
bzero(p, 4);
bcopy(hostname, p + 4, maxhlen); /*meaningless TTL*/
bcopy(hostname, p + 4, maxhlen); /* meaningless TTL */
noff = sizeof(struct ip6_hdr);
M_COPY_PKTHDR(n, m); /* just for recvif */
M_COPY_PKTHDR(n, m); /* just for rcvif */
n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) +
sizeof(struct icmp6_hdr) + 4 + maxhlen;
nicmp6->icmp6_type = ICMP6_WRUREPLY;
@ -891,7 +891,7 @@ icmp6_notify_error(m, off, icmp6len, code)
struct ip6_rthdr0 *rth0;
int rthlen;
while (1) { /* XXX: should avoid inf. loop explicitly? */
while (1) { /* XXX: should avoid infinite loop explicitly? */
struct ip6_ext *eh;
switch (nxt) {
@ -1005,7 +1005,7 @@ icmp6_notify_error(m, off, icmp6len, code)
default:
/*
* This case includes ESP and the No Next
* Header. In such cases going to the notify
* Header. In such cases going to the notify
* label does not have any meaning
* (i.e. ctlfunc will be NULL), but we go
* anyway since we might have to update
@ -1137,8 +1137,9 @@ icmp6_mtudisc_update(ip6cp, validated)
rt->rt_rmx.rmx_mtu = mtu;
}
}
if (rt)
if (rt) { /* XXX: need braces to avoid conflict with else in RTFREE. */
RTFREE(rt);
}
}
/*
@ -1554,7 +1555,7 @@ ni6_nametodns(name, namelen, old)
}
panic("should not reach here");
/*NOTREACHED*/
/* NOTREACHED */
fail:
if (m)
@ -1705,7 +1706,7 @@ ni6_addrs(ni6, m, ifpp, subj)
/*
* check if anycast is okay.
* XXX: just experimental. not in the spec.
* XXX: just experimental. not in the spec.
*/
if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 &&
(niflags & NI_NODEADDR_FLAG_ANYCAST) == 0)
@ -2106,7 +2107,7 @@ icmp6_reflect(m, off)
if (ia == NULL && IN6_IS_ADDR_LINKLOCAL(&t) && (m->m_flags & M_LOOP)) {
/*
* This is the case if the dst is our link-local address
* and the sender is also ourseleves.
* and the sender is also ourselves.
*/
src = &t;
}
@ -2117,7 +2118,7 @@ icmp6_reflect(m, off)
/*
* This case matches to multicasts, our anycast, or unicasts
* that we do not own. Select a source address based on the
* that we do not own. Select a source address based on the
* source address of the erroneous packet.
*/
bzero(&ro, sizeof(ro));
@ -2352,7 +2353,7 @@ icmp6_redirect_input(m, off)
nd6_cache_lladdr(ifp, &redtgt6, lladdr, lladdrlen, ND_REDIRECT,
is_onlink ? ND_REDIRECT_ONLINK : ND_REDIRECT_ROUTER);
if (!is_onlink) { /* better router case. perform rtredirect. */
if (!is_onlink) { /* better router case. perform rtredirect. */
/* perform rtredirect */
struct sockaddr_in6 sdst;
struct sockaddr_in6 sgw;
@ -2540,7 +2541,7 @@ icmp6_redirect_output(m0, rt)
if (!rt_router)
goto nolladdropt;
len = sizeof(*nd_opt) + ifp->if_addrlen;
len = (len + 7) & ~7; /*round by 8*/
len = (len + 7) & ~7; /* round by 8 */
/* safety check */
if (len + (p - (u_char *)ip6) > maxlen)
goto nolladdropt;
@ -2798,11 +2799,11 @@ ppsratecheck(lasttime, curpps, maxpps)
timersub(&tv, lasttime, &delta);
/*
* check for 0,0 is so that the message will be seen at least once.
* if more than one second have passed since the last update of
* Check for 0,0 so that the message will be seen at least once.
* If more than one second has passed since the last update of
* lasttime, reset the counter.
*
* we do increment *curpps even in *curpps < maxpps case, as some may
* We do increment *curpps even in *curpps < maxpps case, as some may
* try to use *curpps for stat purposes as well.
*/
if ((lasttime->tv_sec == 0 && lasttime->tv_usec == 0) ||
@ -2817,7 +2818,7 @@ ppsratecheck(lasttime, curpps, maxpps)
else
rv = 0;
#if 1 /*DIAGNOSTIC?*/
#if 1 /* DIAGNOSTIC? */
/* be careful about wrap-around */
if (*curpps + 1 > *curpps)
*curpps = *curpps + 1;
@ -2852,7 +2853,7 @@ icmp6_ratelimit(dst, type, code)
{
int ret;
ret = 0; /*okay to send*/
ret = 0; /* okay to send */
/* PPS limit */
if (!ppsratecheck(&icmp6errppslim_last, &icmp6errpps_count,

45
sys/netinet6/in6.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: in6.c,v 1.187 2001/05/24 07:43:59 itojun Exp $ */
/* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -94,9 +94,9 @@
#include <netinet/in_pcb.h>
#endif
#include <netinet6/nd6.h>
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
#include <netinet6/nd6.h>
#include <netinet6/mld6_var.h>
#include <netinet6/ip6_mroute.h>
#include <netinet6/in6_ifattach.h>
@ -252,7 +252,7 @@ in6_ifremloop(struct ifaddr *ifa)
*/
/*
* Delete the entry only if exact one ifa exists. More than one ifa
* Delete the entry only if exact one ifa exists. More than one ifa
* can exist if we assign a same single address to multiple
* (probably p2p) interfaces.
* XXX: we should avoid such a configuration in IPv6...
@ -268,9 +268,9 @@ in6_ifremloop(struct ifaddr *ifa)
if (ia_count == 1) {
/*
* Before deleting, check if a corresponding loopbacked host
* route surely exists. With this check, we can avoid to
* route surely exists. With this check, we can avoid to
* delete an interface direct route whose destination is same
* as the address being removed. This can happen when remofing
* as the address being removed. This can happen when remofing
* a subnet-router anycast address on an interface attahced
* to a shared medium.
*/
@ -396,7 +396,7 @@ in6_control(so, cmd, data, ifp, td)
case SIOCSIFINFO_FLAGS:
if (!privileged)
return(EPERM);
/*fall through*/
/* fall through */
case OSIOCGIFINFO_IN6:
case SIOCGIFINFO_IN6:
case SIOCGDRLST_IN6:
@ -419,7 +419,7 @@ in6_control(so, cmd, data, ifp, td)
return(EOPNOTSUPP);
}
switch(cmd) {
switch (cmd) {
case SIOCSSCOPE6:
if (!privileged)
return(EPERM);
@ -438,7 +438,7 @@ in6_control(so, cmd, data, ifp, td)
case SIOCDLIFADDR:
if (!privileged)
return(EPERM);
/*fall through*/
/* fall through */
case SIOCGLIFADDR:
return in6_lifaddr_ioctl(so, cmd, data, ifp, td);
}
@ -643,10 +643,11 @@ in6_control(so, cmd, data, ifp, td)
ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
}
/*
* XXX: since we don't have enough APIs, we just set inifinity
* to lifetimes. They can be overridden by later advertised
* RAs (when accept_rtadv is non 0), but we'd rather intend
* such a behavior.
* XXX: since we don't have an API to set prefix (not address)
* lifetimes, we just use the same lifetimes as addresses.
* The (temporarily) installed lifetimes can be overridden by
* later advertised RAs (when accept_rtadv is non 0), which is
* an intended behavior.
*/
pr0.ndpr_raf_onlink = 1; /* should be configurable? */
pr0.ndpr_raf_auto =
@ -815,7 +816,7 @@ in6_update_ifa(ifp, ifra, ia)
}
else {
/*
* In this case, ia must not be NULL. We just use its prefix
* In this case, ia must not be NULL. We just use its prefix
* length.
*/
plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
@ -1341,7 +1342,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td)
/* address must be specified on GET with IFLR_PREFIX */
if ((iflr->flags & IFLR_PREFIX) == 0)
break;
/*FALLTHROUGH*/
/* FALLTHROUGH */
case SIOCALIFADDR:
case SIOCDLIFADDR:
/* address must be specified on ADD and DELETE */
@ -1357,10 +1358,10 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td)
if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
return EINVAL;
break;
default: /*shouldn't happen*/
default: /* shouldn't happen */
#if 0
panic("invalid cmd to in6_lifaddr_ioctl");
/*NOTREACHED*/
/* NOTREACHED */
#else
return EOPNOTSUPP;
#endif
@ -1462,7 +1463,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td)
} else {
if (cmd == SIOCGLIFADDR) {
/* on getting an address, take the 1st match */
cmp = 0; /*XXX*/
cmp = 0; /* XXX */
} else {
/* on deleting an address, do exact match */
in6_len2mask(&mask, 128);
@ -1535,7 +1536,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td)
in6_mask2len(&ia->ia_prefixmask.sin6_addr,
NULL);
iflr->flags = ia->ia6_flags; /*XXX*/
iflr->flags = ia->ia6_flags; /* XXX */
return 0;
} else {
@ -1565,7 +1566,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td)
}
}
return EOPNOTSUPP; /*just for safety*/
return EOPNOTSUPP; /* just for safety */
}
/*
@ -1630,7 +1631,7 @@ in6_ifinit(ifp, ia, sin6, newhost)
ia->ia_ifa.ifa_flags |= RTF_CLONING;
}
/* Add ownaddr as loopback rtentry, if necessary(ex. on p2p link). */
/* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */
if (newhost) {
/* set the rtrequest function to create llinfo */
ia->ia_ifa.ifa_rtrequest = nd6_rtrequest;
@ -2237,7 +2238,7 @@ in6_ifawithifp(ifp, dst)
int dst_scope = in6_addrscope(dst), blen = -1, tlen;
struct ifaddr *ifa;
struct in6_ifaddr *besta = 0;
struct in6_ifaddr *dep[2]; /*last-resort: deprecated*/
struct in6_ifaddr *dep[2]; /* last-resort: deprecated */
dep[0] = dep[1] = NULL;
@ -2395,7 +2396,7 @@ in6_setmaxmtu()
}
/*
* Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
* Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
* v4 mapped addr or v4 compat addr
*/
void

24
sys/netinet6/in6.h
View File

@ -126,7 +126,7 @@ struct in6_addr {
};
#define s6_addr __u6_addr.__u6_addr8
#ifdef _KERNEL /*XXX nonstandard*/
#ifdef _KERNEL /* XXX nonstandard */
#define s6_addr8 __u6_addr.__u6_addr8
#define s6_addr16 __u6_addr.__u6_addr16
#define s6_addr32 __u6_addr.__u6_addr32
@ -152,7 +152,7 @@ struct sockaddr_in6 {
/*
* Local definition for masks
*/
#ifdef _KERNEL /*XXX nonstandard*/
#ifdef _KERNEL /* XXX nonstandard */
#define IN6MASK0 {{{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }}}
#define IN6MASK32 {{{ 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, \
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }}}
@ -177,7 +177,7 @@ extern const struct in6_addr in6mask128;
/*
* Macros started with IPV6_ADDR is KAME local
*/
#ifdef _KERNEL /*XXX nonstandard*/
#ifdef _KERNEL /* XXX nonstandard */
#if BYTE_ORDER == BIG_ENDIAN
#define IPV6_ADDR_INT32_ONE 1
#define IPV6_ADDR_INT32_TWO 2
@ -286,7 +286,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters;
* KAME Scope Values
*/
#ifdef _KERNEL /*XXX nonstandard*/
#ifdef _KERNEL /* XXX nonstandard */
#define IPV6_ADDR_SCOPE_NODELOCAL 0x01
#define IPV6_ADDR_SCOPE_LINKLOCAL 0x02
#define IPV6_ADDR_SCOPE_SITELOCAL 0x05
@ -314,7 +314,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters;
*/
#define IN6_IS_ADDR_MULTICAST(a) ((a)->s6_addr[0] == 0xff)
#ifdef _KERNEL /*XXX nonstandard*/
#ifdef _KERNEL /* XXX nonstandard */
#define IPV6_ADDR_MC_SCOPE(a) ((a)->s6_addr[1] & 0x0f)
#else
#define __IPV6_ADDR_MC_SCOPE(a) ((a)->s6_addr[1] & 0x0f)
@ -323,7 +323,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters;
/*
* Multicast Scope
*/
#ifdef _KERNEL /*refers nonstandard items */
#ifdef _KERNEL /* refers nonstandard items */
#define IN6_IS_ADDR_MC_NODELOCAL(a) \
(IN6_IS_ADDR_MULTICAST(a) && \
(IPV6_ADDR_MC_SCOPE(a) == IPV6_ADDR_SCOPE_NODELOCAL))
@ -357,7 +357,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters;
(__IPV6_ADDR_MC_SCOPE(a) == __IPV6_ADDR_SCOPE_GLOBAL))
#endif
#ifdef _KERNEL /*nonstandard*/
#ifdef _KERNEL /* nonstandard */
/*
* KAME Scope
*/
@ -419,12 +419,12 @@ struct route_in6 {
#define IPV6_BINDV6ONLY IPV6_V6ONLY
#endif
#if 1 /*IPSEC*/
#if 1 /* IPSEC */
#define IPV6_IPSEC_POLICY 28 /* struct; get/set security policy */
#endif
#define IPV6_FAITH 29 /* bool; accept FAITH'ed connections */
#if 1 /*IPV6FIREWALL*/
#if 1 /* IPV6FIREWALL */
#define IPV6_FW_ADD 30 /* add a firewall rule to chain */
#define IPV6_FW_DEL 31 /* delete a firewall rule from chain */
#define IPV6_FW_FLUSH 32 /* flush firewall rule chain */
@ -441,8 +441,8 @@ struct route_in6 {
/*
* Defaults and limits for options
*/
#define IPV6_DEFAULT_MULTICAST_HOPS 1 /* normally limit m'casts to 1 hop */
#define IPV6_DEFAULT_MULTICAST_LOOP 1 /* normally hear sends if a member */
#define IPV6_DEFAULT_MULTICAST_HOPS 1 /* normally limit m'casts to 1 hop */
#define IPV6_DEFAULT_MULTICAST_LOOP 1 /* normally hear sends if a member */
/*
* Argument structure for IPV6_JOIN_GROUP and IPV6_LEAVE_GROUP.
@ -551,7 +551,7 @@ struct in6_pktinfo {
#define IPV6CTL_KAME_VERSION 20
#define IPV6CTL_USE_DEPRECATED 21 /* use deprecated addr (RFC2462 5.5.4) */
#define IPV6CTL_RR_PRUNE 22 /* walk timer for router renumbering */
#if 0 /*obsolete*/
#if 0 /* obsolete */
#define IPV6CTL_MAPPED_ADDR 23
#endif
#define IPV6CTL_V6ONLY 24

30
sys/netinet6/in6_ifattach.c
View File

@ -105,7 +105,7 @@ static int in6_ifattach_loopback __P((struct ifnet *));
static int
get_rand_ifid(ifp, in6)
struct ifnet *ifp;
struct in6_addr *in6; /*upper 64bits are preserved */
struct in6_addr *in6; /* upper 64bits are preserved */
{
MD5_CTX ctxt;
u_int8_t digest[16];
@ -156,8 +156,9 @@ generate_tmp_ifid(seed0, seed1, ret)
val32 = random() ^ tv.tv_usec;
bcopy(&val32, seed + sizeof(val32) * i, sizeof(val32));
}
} else
} else {
bcopy(seed0, seed, 8);
}
/* copy the right-most 64-bits of the given address */
/* XXX assumption on the size of IFID */
@ -227,7 +228,7 @@ generate_tmp_ifid(seed0, seed1, ret)
static int
get_hw_ifid(ifp, in6)
struct ifnet *ifp;
struct in6_addr *in6; /*upper 64bits are preserved */
struct in6_addr *in6; /* upper 64bits are preserved */
{
struct ifaddr *ifa;
struct sockaddr_dl *sdl;
@ -360,7 +361,7 @@ get_hw_ifid(ifp, in6)
static int
get_ifid(ifp0, altifp, in6)
struct ifnet *ifp0;
struct ifnet *altifp; /*secondary EUI64 source*/
struct ifnet *altifp; /* secondary EUI64 source */
struct in6_addr *in6;
{
struct ifnet *ifp;
@ -479,7 +480,7 @@ in6_ifattach_linklocal(ifp, altifp)
/*
* Do not let in6_update_ifa() do DAD, since we need a random delay
* before sending an NS at the first time the inteface becomes up.
* before sending an NS at the first time the interface becomes up.
* Instead, in6_if_up() will start DAD with a proper random delay.
*/
ifra.ifra_flags |= IN6_IFF_NODAD;
@ -487,7 +488,8 @@ in6_ifattach_linklocal(ifp, altifp)
/*
* Now call in6_update_ifa() to do a bunch of procedures to configure
* a link-local address. We can set NULL to the 3rd argument, because
* we know there's no other link-local address on the interface.
* we know there's no other link-local address on the interface
* and therefore we are adding one (instead of updating one).
*/
if ((error = in6_update_ifa(ifp, &ifra, NULL)) != 0) {
/*
@ -513,7 +515,7 @@ in6_ifattach_linklocal(ifp, altifp)
#ifdef DIAGNOSTIC
if (!ia) {
panic("ia == NULL in in6_ifattach_linklocal");
/*NOTREACHED*/
/* NOTREACHED */
}
#endif
if (in6if_do_dad(ifp) && (ifp->if_flags & IFF_POINTOPOINT) == 0) {
@ -597,15 +599,15 @@ in6_ifattach_loopback(ifp)
ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
/* we don't need to perfrom DAD on loopback interfaces. */
/* we don't need to perform DAD on loopback interfaces. */
ifra.ifra_flags |= IN6_IFF_NODAD;
/* skip registration to the prefix list. XXX should be temporary. */
ifra.ifra_flags |= IN6_IFF_NOPFX;
/*
* We can set NULL to the 3rd arg. See comments in
* in6_ifattach_linklocal().
* We are sure that this is a newly assigned address, so we can set
* NULL to the 3rd arg.
*/
if ((error = in6_update_ifa(ifp, &ifra, NULL)) != 0) {
log(LOG_ERR, "in6_ifattach_loopback: failed to configure "
@ -644,7 +646,7 @@ in6_nigroup(ifp, name, namelen, in6)
while (p && *p && *p != '.' && p - name < namelen)
p++;
if (p - name > sizeof(n) - 1)
return -1; /*label too long*/
return -1; /* label too long */
l = p - name;
strncpy(n, name, l);
n[(int)l] = '\0';
@ -798,8 +800,10 @@ in6_ifattach(ifp, altifp)
#ifdef IFT_STF
case IFT_STF:
/*
* 6to4 interface is a very speical kind of beast.
* no multicast, no linklocal (based on 03 draft).
* 6to4 interface is a very special kind of beast.
* no multicast, no linklocal. RFC2529 specifies how to make
* linklocals for 6to4 interface, but there's no use and
* it is rather harmful to have one.
*/
goto statinit;
#endif

5
sys/netinet6/in6_pcb.c
View File

@ -342,7 +342,8 @@ in6_pcbconnect(inp, nam, td)
int error;
/*
* Call inner routine, to assign local interface address.
* Call inner routine, to assign local interface address.
* in6_pcbladdr() may automatically fill in sin6_scope_id.
*/
if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0)
return(error);
@ -722,6 +723,7 @@ in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam)
if (error == 0)
in6_sin_2_v4mapsin6_in_sock(nam);
} else
/* scope issues will be handled in in6_setsockaddr(). */
error = in6_setsockaddr(so, nam);
return error;
@ -740,6 +742,7 @@ in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam)
if (error == 0)
in6_sin_2_v4mapsin6_in_sock(nam);
} else
/* scope issues will be handled in in6_setpeeraddr(). */
error = in6_setpeeraddr(so, nam);
return error;

4
sys/netinet6/in6_proto.c
View File

@ -124,7 +124,7 @@
#ifdef INET6
#include <netinet6/ipcomp6.h>
#endif
#endif /*IPSEC*/
#endif /* IPSEC */
#include <netinet6/ip6protosw.h>
@ -224,7 +224,7 @@ struct ip6protosw inet6sw[] = {
encap_init, 0, 0, 0,
&rip6_usrreqs
},
#endif /*INET*/
#endif /* INET */
{ SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR,
encap6_input, rip6_output, 0, rip6_ctloutput,
0,

4
sys/netinet6/in6_rmx.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: in6_rmx.c,v 1.10 2001/05/24 05:44:58 itojun Exp $ */
/* $KAME: in6_rmx.c,v 1.11 2001/07/26 06:53:16 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -433,7 +433,7 @@ in6_mtutimo(void *rock)
atv.tv_sec = arg.nextstop;
if (atv.tv_sec < time_second) {
printf("invalid mtu expiration time on routing table\n");
arg.nextstop = time_second + 30; /*last resort*/
arg.nextstop = time_second + 30; /* last resort */
}
timeout(in6_mtutimo, rock, tvtohz(&atv));
}

4
sys/netinet6/in6_var.h
View File

@ -80,7 +80,7 @@
* hour rule for hosts). they should never be modified by nd6_timeout or
* anywhere else.
* userland -> kernel: accept pltime/vltime
* kernel -> userland: throuw up everything
* kernel -> userland: throw up everything
* in kernel: modify preferred/expire only
*/
struct in6_addrlifetime {
@ -513,7 +513,7 @@ extern LIST_HEAD(in6_multihead, in6_multi) in6_multihead;
/*
* Structure used by macros below to remember position when stepping through
* all of eht in6_multi records.
* all of the in6_multi records.
*/
struct in6_multistep {
struct in6_ifaddr *i_ia;

7
sys/netinet6/ip6_forward.c
View File

@ -128,7 +128,7 @@ ip6_forward(m, srcrt)
m_freem(m);
return;
}
#endif /*IPSEC*/
#endif /* IPSEC */
/*
* Do not forward packets to multicast destination (should be handled
@ -278,7 +278,7 @@ ip6_forward(m, srcrt)
break;
default:
printf("ip6_output (ipsec): error code %d\n", error);
/*fall through*/
/* fall through */
case ENOENT:
/* don't show these error codes to the user */
break;
@ -354,7 +354,7 @@ ip6_forward(m, srcrt)
* for the reason that the destination is beyond the scope of the
* source address, discard the packet and return an icmp6 destination
* unreachable error with Code 2 (beyond scope of source address).
* [draft-ietf-ipngwg-icmp-v3-00.txt, Section 3.1]
* [draft-ietf-ipngwg-icmp-v3-02.txt, Section 3.1]
*/
if (in6_addr2scopeid(m->m_pkthdr.rcvif, &ip6->ip6_src) !=
in6_addr2scopeid(rt->rt_ifp, &ip6->ip6_src)) {
@ -550,7 +550,6 @@ ip6_forward(m, srcrt)
}
if (mcopy == NULL)
return;
switch (error) {
case 0:
#if 1

29
sys/netinet6/ip6_fw.c
View File

@ -1,6 +1,35 @@
/* $FreeBSD$ */
/* $KAME: ip6_fw.c,v 1.21 2001/01/24 01:25:32 itojun Exp $ */
/*
* Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (c) 1993 Daniel Boulet
* Copyright (c) 1994 Ugen J.S.Antsilevich

31
sys/netinet6/ip6_fw.h
View File

@ -1,5 +1,34 @@
/* $FreeBSD$ */
/* $KAME: ip6_fw.h,v 1.7 2001/01/24 01:25:33 itojun Exp $ */
/* $KAME: ip6_fw.h,v 1.9 2001/08/01 04:29:57 sumikawa Exp $ */
/*
* Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (c) 1993 Daniel Boulet

16
sys/netinet6/ip6_input.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ip6_input.c,v 1.194 2001/05/27 13:28:35 itojun Exp $ */
/* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -100,7 +100,7 @@
#ifdef INET
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#endif /*INET*/
#endif /* INET */
#include <netinet/ip6.h>
#include <netinet6/in6_var.h>
#include <netinet6/ip6_var.h>
@ -147,7 +147,6 @@ struct ip6stat ip6stat;
static void ip6_init2 __P((void *));
static struct mbuf *ip6_setdstifaddr __P((struct mbuf *, struct in6_ifaddr *));
static int ip6_hopopts_input __P((u_int32_t *, u_int32_t *, struct mbuf **, int *));
#ifdef PULLDOWN_TEST
static struct mbuf *ip6_pullexthdr __P((struct mbuf *, size_t, int));
@ -279,7 +278,7 @@ ip6_input(m)
ip6_delaux(m);
/*
* mbuf statistics by kazu
* mbuf statistics
*/
if (m->m_flags & M_EXT) {
if (m->m_next)
@ -290,7 +289,7 @@ ip6_input(m)
#define M2MMAX (sizeof(ip6stat.ip6s_m2m)/sizeof(ip6stat.ip6s_m2m[0]))
if (m->m_next) {
if (m->m_flags & M_LOOP) {
ip6stat.ip6s_m2m[loif[0].if_index]++; /*XXX*/
ip6stat.ip6s_m2m[loif[0].if_index]++; /* XXX */
} else if (m->m_pkthdr.rcvif->if_index < M2MMAX)
ip6stat.ip6s_m2m[m->m_pkthdr.rcvif->if_index]++;
else
@ -322,7 +321,7 @@ ip6_input(m)
n = NULL;
}
}
if (!n) {
if (n == NULL) {
m_freem(m);
return; /*ENOBUFS*/
}
@ -412,6 +411,7 @@ ip6_input(m)
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
goto bad;
}
/*
* The following check is not documented in specs. A malicious
* party may be able to use IPv4 mapped addr to confuse tcp/udp stack
@ -635,7 +635,7 @@ ip6_input(m)
&& ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_FAITH) {
/* XXX do we need more sanity checks? */
ours = 1;
deliverifp = ip6_forward_rt.ro_rt->rt_ifp; /*faith*/
deliverifp = ip6_forward_rt.ro_rt->rt_ifp; /* faith */
goto hbhcheck;
}
}
@ -692,7 +692,7 @@ ip6_input(m)
ip6 = mtod(m, struct ip6_hdr *);
/*
* if the payload length field is 0 and the next header field
* if the payload length field is 0 and the next header field
* indicates Hop-by-Hop Options header, then a Jumbo Payload
* option MUST be included.
*/

23
sys/netinet6/ip6_mroute.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ip6_mroute.c,v 1.46 2001/04/04 05:17:30 itojun Exp $ */
/* $KAME: ip6_mroute.c,v 1.58 2001/12/18 02:36:31 itojun Exp $ */
/*
* Copyright (C) 1998 WIDE Project.
@ -94,7 +94,7 @@ static int register_send __P((struct ip6_hdr *, struct mif6 *,
* Globals. All but ip6_mrouter, ip6_mrtproto and mrt6stat could be static,
* except for netstat or debugging purposes.
*/
struct socket *ip6_mrouter = NULL;
struct socket *ip6_mrouter = NULL;
int ip6_mrouter_ver = 0;
int ip6_mrtproto = IPPROTO_PIM; /* for netstat only */
struct mrt6stat mrt6stat;
@ -103,7 +103,7 @@ struct mrt6stat mrt6stat;
#define RTE_FOUND 0x2
struct mf6c *mf6ctable[MF6CTBLSIZ];
u_char nexpire[MF6CTBLSIZ];
u_char n6expire[MF6CTBLSIZ];
static struct mif6 mif6table[MAXMIFS];
#ifdef MRT6DEBUG
u_int mrt6debug = 0; /* debug level */
@ -408,7 +408,7 @@ ip6_mrouter_init(so, m, cmd)
ip6_mrouter_ver = cmd;
bzero((caddr_t)mf6ctable, sizeof(mf6ctable));
bzero((caddr_t)nexpire, sizeof(nexpire));
bzero((caddr_t)n6expire, sizeof(n6expire));
pim6 = 0;/* used for stubbing out/in pim stuff */
@ -666,7 +666,8 @@ add_m6fc(mfccp)
if (rt) {
#ifdef MRT6DEBUG
if (mrt6debug & DEBUG_MFC)
log(LOG_DEBUG,"add_m6fc update o %s g %s p %x\n",
log(LOG_DEBUG,
"add_m6fc no upcall h %d o %s g %s p %x\n",
ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr),
ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr),
mfccp->mf6cc_parent);
@ -719,7 +720,7 @@ add_m6fc(mfccp)
rt->mf6c_wrong_if = 0;
rt->mf6c_expire = 0; /* Don't clean this guy up */
nexpire[hash]--;
n6expire[hash]--;
/* free packets Qed at the end of this entry */
for (rte = rt->mf6c_stall; rte != NULL; ) {
@ -766,7 +767,7 @@ add_m6fc(mfccp)
rt->mf6c_wrong_if = 0;
if (rt->mf6c_expire)
nexpire[hash]--;
n6expire[hash]--;
rt->mf6c_expire = 0;
}
}
@ -1130,7 +1131,7 @@ ip6_mforward(ip6, ifp, m)
rt->mf6c_mcastgrp.sin6_len = sizeof(struct sockaddr_in6);
rt->mf6c_mcastgrp.sin6_addr = ip6->ip6_dst;
rt->mf6c_expire = UPCALL_EXPIRE;
nexpire[hash]++;
n6expire[hash]++;
rt->mf6c_parent = MF6C_INCOMPLETE_PARENT;
/* link into table */
@ -1184,7 +1185,7 @@ expire_upcalls(unused)
s = splnet();
for (i = 0; i < MF6CTBLSIZ; i++) {
if (nexpire[i] == 0)
if (n6expire[i] == 0)
continue;
nptr = &mf6ctable[i];
while ((mfc = *nptr) != NULL) {
@ -1214,7 +1215,7 @@ expire_upcalls(unused)
rte = n;
} while (rte != NULL);
mrt6stat.mrt6s_cache_cleanups++;
nexpire[i]--;
n6expire[i]--;
*nptr = mfc->mf6c_next;
free(mfc, M_MRTABLE);
@ -1565,7 +1566,7 @@ register_send(ip6, mif, m)
#ifdef MRT6DEBUG
if (mrt6debug)
log(LOG_WARNING,
"register_send: ip_mrouter socket queue full\n");
"register_send: ip6_mrouter socket queue full\n");
#endif
++mrt6stat.mrt6s_upq_sockfull;
return ENOBUFS;

2
sys/netinet6/ip6_mroute.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ip6_mroute.h,v 1.17 2001/02/10 02:05:52 itojun Exp $ */
/* $KAME: ip6_mroute.h,v 1.19 2001/06/14 06:12:55 suz Exp $ */
/*
* Copyright (C) 1998 WIDE Project.

23
sys/netinet6/ip6_output.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ip6_output.c,v 1.180 2001/05/21 05:37:50 jinmei Exp $ */
/* $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -316,7 +316,8 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp)
/*
* we treat dest2 specially. this makes IPsec processing
* much easier.
* much easier. the goal here is to make mprev point the
* mbuf prior to dest2.
*
* result: IPv6 dest2 payload
* m and mprev will point to IPv6 header.
@ -394,7 +395,7 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp)
break;
default:
printf("ip6_output (ipsec): error code %d\n", error);
/*fall through*/
/* fall through */
case ENOENT:
/* don't show these error codes to the user */
error = 0;
@ -524,7 +525,7 @@ skip_ipsec2:;
break;
default:
printf("ip6_output (ipsec): error code %d\n", error);
/*fall through*/
/* fall through */
case ENOENT:
/* don't show these error codes to the user */
error = 0;
@ -535,7 +536,7 @@ skip_ipsec2:;
exthdrs.ip6e_ip6 = m;
}
#endif /*IPSEC*/
#endif /* IPSEC */
if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
/* Unicast */
@ -788,9 +789,8 @@ skip_ipsec2:;
* We eventually have sockaddr_in6 and use the sin6_scope_id
* field of the structure here.
* We rely on the consistency between two scope zone ids
* of source add destination, which should already be assured
* larger scopes than link will be supported in the near
* future.
* of source and destination, which should already be assured.
* Larger scopes than link will be supported in the future.
*/
origifp = NULL;
if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src))
@ -828,7 +828,7 @@ skip_ipsec2:;
*/
if (ip6_fw_enable && ip6_fw_chk_ptr) {
u_short port = 0;
m->m_pkthdr.rcvif = NULL; /*XXX*/
m->m_pkthdr.rcvif = NULL; /* XXX */
/* If ipfw says divert, we have to just drop packet */
if ((*ip6_fw_chk_ptr)(&ip6, ifp, &port, &m)) {
m_freem(m);
@ -982,7 +982,8 @@ skip_ipsec2:;
/*
* Loop through length of segment after first fragment,
* make new header and copy data of each part and link onto chain.
* make new header and copy data of each part and link onto
* chain.
*/
m0 = m;
for (off = hlen; off < tlen; off += len) {
@ -2177,7 +2178,7 @@ ip6_getmoptions(optname, im6o, mp)
{
u_int *hlim, *loop, *ifindex;
*mp = m_get(M_TRYWAIT, MT_HEADER); /*XXX*/
*mp = m_get(M_TRYWAIT, MT_HEADER); /* XXX */
switch (optname) {

2
sys/netinet6/ip6protosw.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ip6protosw.h,v 1.22 2001/02/08 18:02:08 itojun Exp $ */
/* $KAME: ip6protosw.h,v 1.25 2001/09/26 06:13:03 keiichi Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

6
sys/netinet6/ipcomp.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ipcomp.h,v 1.8 2000/09/26 07:55:14 itojun Exp $ */
/* $KAME: ipcomp.h,v 1.11 2001/09/04 08:43:19 itojun Exp $ */
/*
* Copyright (C) 1999 WIDE Project.
@ -66,6 +66,6 @@ struct ipsecrequest;
extern const struct ipcomp_algorithm *ipcomp_algorithm_lookup __P((int));
extern void ipcomp4_input __P((struct mbuf *, int));
extern int ipcomp4_output __P((struct mbuf *, struct ipsecrequest *));
#endif /*KERNEL*/
#endif /* KERNEL */
#endif /*_NETINET6_IPCOMP_H_*/
#endif /* _NETINET6_IPCOMP_H_ */

10
sys/netinet6/ipcomp_core.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ipcomp_core.c,v 1.24 2000/10/23 04:24:22 itojun Exp $ */
/* $KAME: ipcomp_core.c,v 1.25 2001/07/26 06:53:17 jinmei Exp $ */
/*
* Copyright (C) 1999 WIDE Project.
@ -156,7 +156,7 @@ do { \
n->m_len = 0; \
n->m_len = M_TRAILINGSPACE(n); \
n->m_next = NULL; \
/* \
/* \
* if this is the first reply buffer, reserve \
* region for ipcomp header. \
*/ \
@ -217,13 +217,13 @@ do { \
: deflate(&zs, Z_NO_FLUSH);
if (zerror == Z_STREAM_END)
; /*once more.*/
; /* once more. */
else if (zerror == Z_OK) {
/* inflate: Z_OK can indicate the end of decode */
if (mode && !p && zs.avail_out != 0)
goto terminate;
else
; /*once more.*/
; /* once more. */
} else {
if (zs.msg) {
ipseclog((LOG_ERR, "ipcomp_%scompress: "
@ -258,7 +258,7 @@ do { \
if (zerror == Z_STREAM_END)
break;
else if (zerror == Z_OK)
; /*once more.*/
; /* once more. */
else {
if (zs.msg) {
ipseclog((LOG_ERR, "ipcomp_%scompress: "

8
sys/netinet6/ipcomp_input.c
View File

@ -111,7 +111,7 @@ ipcomp4_input(m, off)
md = m_pulldown(m, off, sizeof(*ipcomp), NULL);
if (!m) {
m = NULL; /*already freed*/
m = NULL; /* already freed */
ipseclog((LOG_DEBUG, "IPv4 IPComp input: assumption failed "
"(pulldown failure)\n"));
ipsecstat.in_inval++;
@ -135,7 +135,7 @@ ipcomp4_input(m, off)
if (sav != NULL
&& (sav->state == SADB_SASTATE_MATURE
|| sav->state == SADB_SASTATE_DYING)) {
cpi = sav->alg_enc; /*XXX*/
cpi = sav->alg_enc; /* XXX */
/* other parameters to look at? */
}
}
@ -261,7 +261,7 @@ ipcomp6_input(mp, offp, proto)
md = m_pulldown(m, off, sizeof(*ipcomp), NULL);
if (!m) {
m = NULL; /*already freed*/
m = NULL; /* already freed */
ipseclog((LOG_DEBUG, "IPv6 IPComp input: assumption failed "
"(pulldown failure)\n"));
ipsec6stat.in_inval++;
@ -279,7 +279,7 @@ ipcomp6_input(mp, offp, proto)
if (sav != NULL
&& (sav->state == SADB_SASTATE_MATURE
|| sav->state == SADB_SASTATE_DYING)) {
cpi = sav->alg_enc; /*XXX*/
cpi = sav->alg_enc; /* XXX */
/* other parameters to look at? */
}
}

10
sys/netinet6/ipcomp_output.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ipcomp_output.c,v 1.23 2001/01/23 08:59:37 itojun Exp $ */
/* $KAME: ipcomp_output.c,v 1.24 2001/07/26 06:53:18 jinmei Exp $ */
/*
* Copyright (C) 1999 WIDE Project.
@ -118,7 +118,7 @@ ipcomp_output(m, nexthdrp, md, isr, af)
struct secasvar *sav = isr->sav;
const struct ipcomp_algorithm *algo;
u_int16_t cpi; /* host order */
size_t plen0, plen; /*payload length to be compressed*/
size_t plen0, plen; /* payload length to be compressed */
size_t compoff;
int afnumber;
int error = 0;
@ -249,7 +249,7 @@ ipcomp_output(m, nexthdrp, md, isr, af)
#ifdef INET6
struct ip6_hdr *ip6 = NULL;
#endif
size_t hlen = 0; /*ip header len*/
size_t hlen = 0; /* ip header len */
size_t complen = sizeof(struct ipcomp);
switch (af) {
@ -363,7 +363,7 @@ ipcomp4_output(m, isr)
/* XXX assumes that m->m_next points to payload */
return ipcomp_output(m, &ip->ip_p, m->m_next, isr, AF_INET);
}
#endif /*INET*/
#endif /* INET */
#ifdef INET6
int
@ -381,4 +381,4 @@ ipcomp6_output(m, nexthdrp, md, isr)
}
return ipcomp_output(m, nexthdrp, md, isr, AF_INET6);
}
#endif /*INET6*/
#endif /* INET6 */

48
sys/netinet6/ipsec.c
View File

@ -1805,7 +1805,7 @@ ipsec_hdrsiz(sp)
size_t siz, clen;
KEYDEBUG(KEYDEBUG_IPSEC_DATA,
printf("ipsec_in_reject: using SP\n");
printf("ipsec_hdrsiz: using SP\n");
kdebug_secpolicy(sp));
/* check policy */
@ -1834,7 +1834,7 @@ ipsec_hdrsiz(sp)
#ifdef IPSEC_ESP
clen = esp_hdrsiz(isr);
#else
clen = 0; /*XXX*/
clen = 0; /* XXX */
#endif
break;
case IPPROTO_AH:
@ -1945,7 +1945,7 @@ ipsec6_hdrsiz(m, dir, in6p)
return size;
}
#endif /*INET6*/
#endif /* INET6 */
#ifdef INET
/*
@ -2041,13 +2041,13 @@ ipsec4_encapsulate(m, sav)
ip->ip_off &= htons(~IP_OFFMASK);
ip->ip_off &= htons(~IP_MF);
switch (ip4_ipsec_dfbit) {
case 0: /*clear DF bit*/
case 0: /* clear DF bit */
ip->ip_off &= htons(~IP_DF);
break;
case 1: /*set DF bit*/
case 1: /* set DF bit */
ip->ip_off |= htons(IP_DF);
break;
default: /*copy DF bit*/
default: /* copy DF bit */
break;
}
ip->ip_p = IPPROTO_IPIP;
@ -2072,7 +2072,7 @@ ipsec4_encapsulate(m, sav)
return 0;
}
#endif /*INET*/
#endif /* INET */
#ifdef INET6
static int
@ -2152,7 +2152,7 @@ ipsec6_encapsulate(m, sav)
return 0;
}
#endif /*INET6*/
#endif /* INET6 */
/*
* Check the variable replay window.
@ -2317,7 +2317,7 @@ ipsec_updatereplay(seq, sav)
}
/*
* shift variable length bunffer to left.
* shift variable length buffer to left.
* IN: bitmap: pointer to the buffer
* nbit: the number of to shift.
* wsize: buffer size (bytes).
@ -2397,7 +2397,7 @@ ipsec6_logpacketstr(ip6, spi)
return buf;
}
#endif /*INET6*/
#endif /* INET6 */
const char *
ipsec_logsastr(sav)
@ -2712,17 +2712,17 @@ ipsec6_output_trans(state, nexthdrp, mprev, sp, flags, tun)
struct sockaddr_in6 *sin6;
if (!state)
panic("state == NULL in ipsec6_output");
panic("state == NULL in ipsec6_output_trans");
if (!state->m)
panic("state->m == NULL in ipsec6_output");
panic("state->m == NULL in ipsec6_output_trans");
if (!nexthdrp)
panic("nexthdrp == NULL in ipsec6_output");
panic("nexthdrp == NULL in ipsec6_output_trans");
if (!mprev)
panic("mprev == NULL in ipsec6_output");
panic("mprev == NULL in ipsec6_output_trans");
if (!sp)
panic("sp == NULL in ipsec6_output");
panic("sp == NULL in ipsec6_output_trans");
if (!tun)
panic("tun == NULL in ipsec6_output");
panic("tun == NULL in ipsec6_output_trans");
KEYDEBUG(KEYDEBUG_IPSEC_DATA,
printf("ipsec6_output_trans: applyed SP\n");
@ -2846,7 +2846,7 @@ ipsec6_output_trans(state, nexthdrp, mprev, sp, flags, tun)
ipseclog((LOG_ERR, "ipsec6_output_trans: "
"IPsec with IPv6 jumbogram is not supported\n"));
ipsec6stat.out_inval++;
error = EINVAL; /*XXX*/
error = EINVAL; /* XXX */
goto bad;
}
ip6 = mtod(state->m, struct ip6_hdr *);
@ -2883,11 +2883,11 @@ ipsec6_output_tunnel(state, sp, flags)
int s;
if (!state)
panic("state == NULL in ipsec6_output");
panic("state == NULL in ipsec6_output_tunnel");
if (!state->m)
panic("state->m == NULL in ipsec6_output");
panic("state->m == NULL in ipsec6_output_tunnel");
if (!sp)
panic("sp == NULL in ipsec6_output");
panic("sp == NULL in ipsec6_output_tunnel");
KEYDEBUG(KEYDEBUG_IPSEC_DATA,
printf("ipsec6_output_tunnel: applyed SP\n");
@ -3067,7 +3067,7 @@ ipsec6_output_tunnel(state, sp, flags)
break;
case IPPROTO_IPCOMP:
/* XXX code should be here */
/*FALLTHROUGH*/
/* FALLTHROUGH */
default:
ipseclog((LOG_ERR, "ipsec6_output_tunnel: "
"unknown ipsec protocol %d\n", isr->saidx.proto));
@ -3085,7 +3085,7 @@ ipsec6_output_tunnel(state, sp, flags)
ipseclog((LOG_ERR, "ipsec6_output_tunnel: "
"IPsec with IPv6 jumbogram is not supported\n"));
ipsec6stat.out_inval++;
error = EINVAL; /*XXX*/
error = EINVAL; /* XXX */
goto bad;
}
ip6 = mtod(state->m, struct ip6_hdr *);
@ -3099,7 +3099,7 @@ ipsec6_output_tunnel(state, sp, flags)
state->m = NULL;
return error;
}
#endif /*INET6*/
#endif /* INET6 */
#ifdef INET
/*
@ -3557,7 +3557,7 @@ ipsec_addhist(m, proto, spi)
if (!n)
return ENOBUFS;
if (M_TRAILINGSPACE(n) < sizeof(*p))
return ENOSPC; /*XXX*/
return ENOSPC; /* XXX */
p = (struct ipsec_history *)(mtod(n, caddr_t) + n->m_len);
n->m_len += sizeof(*p);
bzero(p, sizeof(*p));

19
sys/netinet6/ipsec.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -49,10 +49,9 @@
/*
* Security Policy Index
* NOTE: Ensure to be same address family and upper layer protocol.
* NOTE: ul_proto, port number, uid, gid:
* ANY: reserved for waldcard.
* 0 to (~0 - 1): is one of the number of each value.
* Ensure that both address families in the "src" and "dst" are same.
* When the value of the ul_proto is ICMPv6, the port field in "src"
* specifies ICMPv6 type, and the port field in "dst" specifies ICMPv6 code.
*/
struct secpolicyindex {
u_int8_t dir; /* direction of packet flow, see blow */
@ -128,7 +127,7 @@ struct secspacq {
int count; /* for lifetime */
/* XXX: here is mbuf place holder to be sent ? */
};
#endif /*_KERNEL*/
#endif /* _KERNEL */
/* according to IANA assignment, port 0x0000 and proto 0xff are reserved. */
#define IPSEC_PORT_ANY 0
@ -225,7 +224,7 @@ struct ipsecstat {
#define IPSECCTL_DEF_ESP_NETLEV 4 /* int; ESP tunnel mode */
#define IPSECCTL_DEF_AH_TRANSLEV 5 /* int; AH transport mode */
#define IPSECCTL_DEF_AH_NETLEV 6 /* int; AH tunnel mode */
#if 0 /*obsolete, do not reuse*/
#if 0 /* obsolete, do not reuse */
#define IPSECCTL_INBOUND_CALL_IKE 7
#endif
#define IPSECCTL_AH_CLEARTOS 8
@ -342,7 +341,7 @@ extern struct socket *ipsec_getsocket __P((struct mbuf *));
extern int ipsec_addhist __P((struct mbuf *, int, u_int32_t));
extern struct ipsec_history *ipsec_gethist __P((struct mbuf *, int *));
extern void ipsec_clearhist __P((struct mbuf *));
#endif /*_KERNEL*/
#endif /* _KERNEL */
#ifndef _KERNEL
extern caddr_t ipsec_set_policy __P((char *, int));
@ -350,6 +349,6 @@ extern int ipsec_get_policylen __P((caddr_t));
extern char *ipsec_dump_policy __P((caddr_t, char *));
extern const char *ipsec_strerror __P((void));
#endif /*!_KERNEL*/
#endif /* !_KERNEL */
#endif /*_NETINET6_IPSEC_H_*/
#endif /* _NETINET6_IPSEC_H_ */

79
sys/netinet6/nd6.c
View File

@ -428,7 +428,6 @@ nd6_timer(ignored_arg)
nd6_timer, NULL);
ln = llinfo_nd6.ln_next;
/* XXX BSD/OS separates this code -- itojun */
while (ln && ln != &llinfo_nd6) {
struct rtentry *rt;
struct sockaddr_in6 *dst;
@ -451,7 +450,7 @@ nd6_timer(ignored_arg)
ln = next;
continue;
}
/* sanity check */
if (!rt)
panic("rt=0 in nd6_timer(ln=%p)\n", ln);
@ -562,7 +561,7 @@ nd6_timer(ignored_arg)
/*
* If the expiring address is temporary, try
* regenerating a new one. This would be useful when
* we suspended a laptop PC, then turned on after a
* we suspended a laptop PC, then turned it on after a
* period that could invalidate all temporary
* addresses. Although we may have to restart the
* loop (see below), it must be after purging the
@ -600,8 +599,8 @@ nd6_timer(ignored_arg)
* has changed while we are still in
* the loop. Although the change
* would not cause disaster (because
* it's not an addition, but a
* deletion,) we'd rather restart the
* it's not a deletion, but an
* addition,) we'd rather restart the
* loop just for safety. Or does this
* significantly reduce performance??
*/
@ -624,14 +623,6 @@ nd6_timer(ignored_arg)
* check prefix lifetime.
* since pltime is just for autoconf, pltime processing for
* prefix is not necessary.
*
* we offset expire time by NDPR_KEEP_EXPIRE, so that we
* can use the old prefix information to validate the
* next prefix information to come. See prelist_update()
* for actual validation.
*
* I don't think such an offset is necessary.
* (jinmei@kame.net, 20010130).
*/
if (pr->ndpr_expire && pr->ndpr_expire < time_second) {
struct nd_prefix *t;
@ -838,10 +829,10 @@ nd6_lookup(addr6, create, ifp)
return(NULL);
/*
* Create a new route. RTF_LLINFO is necessary
* Create a new route. RTF_LLINFO is necessary
* to create a Neighbor Cache entry for the
* destination in nd6_rtrequest which will be
* called in rtequest via ifa->ifa_rtrequest.
* called in rtrequest via ifa->ifa_rtrequest.
*/
if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6,
ifa->ifa_addr,
@ -987,7 +978,7 @@ nd6_free(rt)
/*
* Temporarily fake the state to choose a new default
* router and to perform on-link determination of
* prefixes coreectly.
* prefixes correctly.
* Below the state will be set correctly,
* or the entry itself will be deleted.
*/
@ -1022,7 +1013,7 @@ nd6_free(rt)
* Before deleting the entry, remember the next entry as the
* return value. We need this because pfxlist_onlink_check() above
* might have freed other entries (particularly the old next entry) as
* a side effect (XXX).
* a side effect (XXX).
*/
next = ln->ln_next;
@ -1101,7 +1092,7 @@ nd6_rtrequest(req, rt, info)
struct ifnet *ifp = rt->rt_ifp;
struct ifaddr *ifa;
if (rt->rt_flags & RTF_GATEWAY)
if ((rt->rt_flags & RTF_GATEWAY))
return;
if (nd6_need_cache(ifp) == 0 && (rt->rt_flags & RTF_HOST) == 0) {
@ -1148,7 +1139,7 @@ nd6_rtrequest(req, rt, info)
if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) {
/*
* Case 1: This route should come from
* a route to interface. RTF_LLINFO flag is set
* a route to interface. RTF_LLINFO flag is set
* for a host route whose destination should be
* treated as on-link.
*/
@ -1163,13 +1154,13 @@ nd6_rtrequest(req, rt, info)
if (ln && ln->ln_expire == 0) {
/* kludge for desktops */
#if 0
printf("nd6_request: time.tv_sec is zero; "
printf("nd6_rtequest: time.tv_sec is zero; "
"treat it as 1\n");
#endif
ln->ln_expire = 1;
}
#endif
if (rt->rt_flags & RTF_CLONING)
if ((rt->rt_flags & RTF_CLONING))
break;
}
/*
@ -1271,7 +1262,7 @@ nd6_rtrequest(req, rt, info)
SDL(gate)->sdl_alen = ifp->if_addrlen;
}
if (nd6_useloopback) {
rt->rt_ifp = &loif[0]; /*XXX*/
rt->rt_ifp = &loif[0]; /* XXX */
/*
* Make sure rt_ifa be equal to the ifaddr
* corresponding to the address.
@ -1521,7 +1512,7 @@ nd6_ioctl(cmd, data, ifp)
/* do we really have to remove addresses as well? */
for (ia = in6_ifaddr; ia; ia = ia_next) {
/* ia might be removed. keep the next ptr. */
/* ia might be removed. keep the next ptr. */
ia_next = ia->ia_next;
if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0)
@ -1691,7 +1682,7 @@ nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
* 1 -- y -- (7) * STALE
*/
if (lladdr) { /*(3-5) and (7)*/
if (lladdr) { /* (3-5) and (7) */
/*
* Record source link-layer address
* XXX is it dependent to ifp->if_type?
@ -1701,17 +1692,17 @@ nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
}
if (!is_newentry) {
if ((!olladdr && lladdr) /*(3)*/
|| (olladdr && lladdr && llchange)) { /*(5)*/
if ((!olladdr && lladdr) /* (3) */
|| (olladdr && lladdr && llchange)) { /* (5) */
do_update = 1;
newstate = ND6_LLINFO_STALE;
} else /*(1-2,4)*/
} else /* (1-2,4) */
do_update = 0;
} else {
do_update = 1;
if (!lladdr) /*(6)*/
if (!lladdr) /* (6) */
newstate = ND6_LLINFO_NOSTATE;
else /*(7)*/
else /* (7) */
newstate = ND6_LLINFO_STALE;
}
@ -1780,7 +1771,7 @@ nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
/*
* New entry must have is_router flag cleared.
*/
if (is_newentry) /*(6-7)*/
if (is_newentry) /* (6-7) */
ln->ln_router = 0;
break;
case ND_REDIRECT:
@ -1791,7 +1782,7 @@ nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
*/
if (code == ND_REDIRECT_ROUTER)
ln->ln_router = 1;
else if (is_newentry) /*(6-7)*/
else if (is_newentry) /* (6-7) */
ln->ln_router = 0;
break;
case ND_ROUTER_SOLICIT:
@ -1804,8 +1795,8 @@ nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
/*
* Mark an entry with lladdr as a router.
*/
if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/
|| (is_newentry && lladdr)) { /*(7)*/
if ((!is_newentry && (olladdr || lladdr)) /* (2-5) */
|| (is_newentry && lladdr)) { /* (7) */
ln->ln_router = 1;
}
break;
@ -1883,7 +1874,7 @@ nd6_output(ifp, origifp, m0, dst, rt0)
goto sendpkt;
/*
* next hop determination. This routine is derived from ether_outpout.
* next hop determination. This routine is derived from ether_outpout.
*/
if (rt) {
if ((rt->rt_flags & RTF_UP) == 0) {
@ -1906,9 +1897,8 @@ nd6_output(ifp, origifp, m0, dst, rt0)
/*
* We skip link-layer address resolution and NUD
* if the gateway is not a neighbor from ND point
* of view, regardless the value of the
* nd_ifinfo.flags.
* The second condition is a bit tricky: we skip
* of view, regardless of the value of nd_ifinfo.flags.
* The second condition is a bit tricky; we skip
* if the gateway is our own address, which is
* sometimes used to install a route to a p2p link.
*/
@ -1949,7 +1939,7 @@ nd6_output(ifp, origifp, m0, dst, rt0)
else {
/*
* Since nd6_is_addr_neighbor() internally calls nd6_lookup(),
* the condition below is not very efficient. But we believe
* the condition below is not very efficient. But we believe
* it is tolerable, because this should be a rare case.
*/
if (nd6_is_addr_neighbor(dst, ifp) &&
@ -1991,7 +1981,7 @@ nd6_output(ifp, origifp, m0, dst, rt0)
/*
* If the neighbor cache entry has a state other than INCOMPLETE
* (i.e. its link-layer address is already reloved), just
* (i.e. its link-layer address is already resolved), just
* send the packet.
*/
if (ln->ln_state > ND6_LLINFO_INCOMPLETE)
@ -1999,11 +1989,12 @@ nd6_output(ifp, origifp, m0, dst, rt0)
/*
* There is a neighbor cache entry, but no ethernet address
* response yet. Replace the held mbuf (if any) with this
* response yet. Replace the held mbuf (if any) with this
* latest one.
*
* XXX Does the code conform to rate-limiting rule?
* (RFC 2461 7.2.2)
* This code conforms to the rate-limiting rule described in Section
* 7.2.2 of RFC 2461, because the timer is set correctly after sending
* an NS below.
*/
if (ln->ln_state == ND6_LLINFO_NOSTATE)
ln->ln_state = ND6_LLINFO_INCOMPLETE;
@ -2090,6 +2081,10 @@ nd6_storelladdr(ifp, rt, m, dst, desten)
desten);
return(1);
case IFT_IEEE1394:
/*
* netbsd can use if_broadcastaddr, but we don't do so
* to reduce # of ifdef.
*/
for (i = 0; i < ifp->if_addrlen; i++)
desten[i] = ~0;
return(1);

20
sys/netinet6/nd6.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: nd6.h,v 1.55 2001/04/27 15:09:49 itojun Exp $ */
/* $KAME: nd6.h,v 1.76 2001/12/18 02:10:31 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -80,7 +80,7 @@ struct nd_ifinfo {
int recalctm; /* BaseReacable re-calculation timer */
u_int8_t chlim; /* CurHopLimit */
u_int8_t receivedra;
/* the followings are for privacy extension for addrconf */
/* the following 3 members are for privacy extension for addrconf */
u_int8_t randomseed0[8]; /* upper 64 bits of MD5 digest */
u_int8_t randomseed1[8]; /* lower 64 bits (usually the EUI64 IFID) */
u_int8_t randomid[8]; /* current random ID */
@ -125,9 +125,9 @@ struct in6_prlist {
struct prf_ra raflags;
u_char prefixlen;
u_char origin;
u_long vltime;
u_long pltime;
u_long expire;
u_int32_t vltime;
u_int32_t pltime;
time_t expire;
u_short if_index;
u_short advrtrs; /* number of advertisement routers */
struct in6_addr advrtr[DRLSTSIZ]; /* XXX: explicit limit */
@ -181,8 +181,8 @@ struct in6_ndifreq {
#define NDPRF_DETACHED 0x2
/* protocol constants */
#define MAX_RTR_SOLICITATION_DELAY 1 /*1sec*/
#define RTR_SOLICITATION_INTERVAL 4 /*4sec*/
#define MAX_RTR_SOLICITATION_DELAY 1 /* 1sec */
#define RTR_SOLICITATION_INTERVAL 4 /* 4sec */
#define MAX_RTR_SOLICITATIONS 3
#define ND6_INFINITE_LIFETIME 0xffffffff
@ -206,7 +206,7 @@ TAILQ_HEAD(nd_drhead, nd_defrouter);
struct nd_defrouter {
TAILQ_ENTRY(nd_defrouter) dr_entry;
struct in6_addr rtaddr;
u_char flags;
u_char flags; /* flags on RA message */
u_short rtlifetime;
u_long expire;
u_long advint; /* Mobile IPv6 addition (milliseconds) */
@ -308,12 +308,12 @@ extern u_int32_t ip6_temp_valid_lifetime; /* seconds */
extern int ip6_temp_regen_advance; /* seconds */
union nd_opts {
struct nd_opt_hdr *nd_opt_array[9]; /*max = home agent info*/
struct nd_opt_hdr *nd_opt_array[9]; /* max = home agent info */
struct {
struct nd_opt_hdr *zero;
struct nd_opt_hdr *src_lladdr;
struct nd_opt_hdr *tgt_lladdr;
struct nd_opt_prefix_info *pi_beg;/* multiple opts, start */
struct nd_opt_prefix_info *pi_beg; /* multiple opts, start */
struct nd_opt_rd_hdr *rh;
struct nd_opt_mtu *mtu;
struct nd_opt_hdr *six;

41
sys/netinet6/nd6_nbr.c
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: nd6_nbr.c,v 1.64 2001/05/17 03:48:30 itojun Exp $ */
/* $KAME: nd6_nbr.c,v 1.86 2002/01/21 02:33:04 jinmei Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -133,11 +133,11 @@ nd6_ns_input(m, off, icmp6len)
if (IN6_IS_ADDR_UNSPECIFIED(&saddr6)) {
/* dst has to be solicited node multicast address. */
if (daddr6.s6_addr16[0] == IPV6_ADDR_INT16_MLL
/*don't check ifindex portion*/
/* don't check ifindex portion */
&& daddr6.s6_addr32[1] == 0
&& daddr6.s6_addr32[2] == IPV6_ADDR_INT32_ONE
&& daddr6.s6_addr8[12] == 0xff) {
; /*good*/
; /* good */
} else {
nd6log((LOG_INFO, "nd6_ns_input: bad DAD packet "
"(wrong ip6 dst)\n"));
@ -163,7 +163,7 @@ nd6_ns_input(m, off, icmp6len)
}
if (ndopts.nd_opts_src_lladdr) {
lladdr = (char *)(ndopts.nd_opts_src_lladdr +1);
lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1);
lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3;
}
@ -252,9 +252,9 @@ nd6_ns_input(m, off, icmp6len)
}
if (IN6_ARE_ADDR_EQUAL(&myaddr6, &saddr6)) {
log(LOG_INFO,
"nd6_ns_input: duplicate IP6 address %s\n",
ip6_sprintf(&saddr6));
nd6log((LOG_INFO,
"nd6_ns_input: duplicate IP6 address %s\n",
ip6_sprintf(&saddr6)));
goto freeit;
}
@ -383,7 +383,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad)
icmp6len = sizeof(*nd_ns);
m->m_pkthdr.len = m->m_len = sizeof(*ip6) + icmp6len;
m->m_data += max_linkhdr; /*or MH_ALIGN() equivalent?*/
m->m_data += max_linkhdr; /* or MH_ALIGN() equivalent? */
/* fill neighbor solicitation packet */
ip6 = mtod(m, struct ip6_hdr *);
@ -433,7 +433,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad)
* - saddr6 belongs to the outgoing interface.
* Otherwise, we perform a scope-wise match.
*/
struct ip6_hdr *hip6; /*hold ip6*/
struct ip6_hdr *hip6; /* hold ip6 */
struct in6_addr *saddr6;
if (ln && ln->ln_hold) {
@ -450,7 +450,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad)
else {
ia = in6_ifawithifp(ifp, &ip6->ip6_dst);
if (ia == NULL) {
m_freem(m); /*XXX*/
m_freem(m);
return;
}
ip6->ip6_src = ia->ia_addr.sin6_addr;
@ -622,7 +622,7 @@ nd6_na_input(m, off, icmp6len)
goto freeit;
}
/* Just for safety, maybe unnecessery. */
/* Just for safety, maybe unnecessary. */
if (ifa) {
log(LOG_ERR,
"nd6_na_input: duplicate IP6 address %s\n",
@ -767,6 +767,13 @@ nd6_na_input(m, off, icmp6len)
int s;
in6 = &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr;
/*
* Lock to protect the default router list.
* XXX: this might be unnecessary, since this function
* is only called under the network software interrupt
* context. However, we keep it just for safety.
*/
s = splnet();
dr = defrouter_lookup(in6, rt->rt_ifp);
if (dr)
@ -789,7 +796,7 @@ nd6_na_input(m, off, icmp6len)
ln->ln_asked = 0;
if (ln->ln_hold) {
/*
* we assume ifp is not a p2p here, so just set the 2nd
* we assume ifp is not a loopback here, so just set the 2nd
* argument as the 1st one.
*/
nd6_output(ifp, ifp, ln->ln_hold,
@ -865,7 +872,7 @@ nd6_na_output(ifp, daddr6, taddr6, flags, tlladdr, sdl0)
icmp6len = sizeof(*nd_na);
m->m_pkthdr.len = m->m_len = sizeof(struct ip6_hdr) + icmp6len;
m->m_data += max_linkhdr; /*or MH_ALIGN() equivalent?*/
m->m_data += max_linkhdr; /* or MH_ALIGN() equivalent? */
/* fill neighbor advertisement packet */
ip6 = mtod(m, struct ip6_hdr *);
@ -1094,11 +1101,11 @@ nd6_dad_start(ifa, tick)
* (re)initialization.
*/
dp->dad_ifa = ifa;
IFAREF(ifa); /*just for safety*/
IFAREF(ifa); /* just for safety */
dp->dad_count = ip6_dad_count;
dp->dad_ns_icount = dp->dad_na_icount = 0;
dp->dad_ns_ocount = dp->dad_ns_tcount = 0;
if (!tick) {
if (tick == NULL) {
nd6_dad_ns_output(dp, ifa);
nd6_dad_starttimer(dp,
nd_ifinfo[ifa->ifa_ifp->if_index].retrans * hz / 1000);
@ -1147,7 +1154,7 @@ nd6_dad_timer(ifa)
struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
struct dadq *dp;
s = splnet(); /*XXX*/
s = splnet(); /* XXX */
/* Sanity check */
if (ia == NULL) {
@ -1212,7 +1219,7 @@ nd6_dad_timer(ifa)
}
if (dp->dad_ns_icount) {
#if 0 /*heuristics*/
#if 0 /* heuristics */
/*
* if
* - we have sent many(?) DAD NS, and

2
sys/netinet6/nd6_rtr.c
View File

@ -398,7 +398,7 @@ nd6_ra_input(m, off, icmp6len)
skip:
/*
* Src linkaddress
* Source link layer address
*/
{
char *lladdr = NULL;

2
sys/netinet6/route6.c
View File

@ -155,7 +155,7 @@ ip6_rthdr0(m, ip6, rh0)
) {
/*
* Type 0 routing header can't contain more than 23 addresses.
* RFC 2462: this limitation was removed since stict/loose
* RFC 2462: this limitation was removed since strict/loose
* bitmap field was deleted.
*/
ip6stat.ip6s_badoptions++;

4
sys/netinet6/udp6_output.c
View File

@ -105,7 +105,7 @@
#ifdef INET6
#include <netinet6/ipsec6.h>
#endif
#endif /*IPSEC*/
#endif /* IPSEC */
#include <net/net_osdep.h>
@ -295,7 +295,7 @@ udp6_output(in6p, m, addr6, control, td)
error = ENOBUFS;
goto release;
}
#endif /*IPSEC*/
#endif /* IPSEC */
error = ip6_output(m, in6p->in6p_outputopts, &in6p->in6p_route,
flags, in6p->in6p_moptions, NULL);
break;

11
sys/netinet6/udp6_usrreq.c
View File

@ -104,7 +104,7 @@
#ifdef IPSEC
#include <netinet6/ipsec.h>
#include <netinet6/ipsec6.h>
#endif /*IPSEC*/
#endif /* IPSEC */
/*
* UDP protocol inplementation.
@ -218,7 +218,7 @@ udp6_input(mp, offp, proto)
init_sin6(&udp_in6, m); /* general init */
udp_in6.sin6_port = uh->uh_sport;
/*
* KAME note: usually we drop udphdr from mbuf here.
* KAME note: traditionally we dropped udpiphdr from mbuf here.
* We need udphdr for IPsec processing so we do that later.
*/
@ -257,7 +257,7 @@ udp6_input(mp, offp, proto)
ipsec6stat.in_polvio++;
/* do not inject data into pcb */
else
#endif /*IPSEC*/
#endif /* IPSEC */
if ((n = m_copy(m, 0, M_COPYALL)) != NULL) {
/*
* KAME NOTE: do not
@ -316,7 +316,7 @@ udp6_input(mp, offp, proto)
ipsec6stat.in_polvio++;
goto bad;
}
#endif /*IPSEC*/
#endif /* IPSEC */
if (last->in6p_flags & IN6P_CONTROLOPTS
|| last->in6p_socket->so_options & SO_TIMESTAMP)
ip6_savecontrol(last, &opts, ip6, m);
@ -364,7 +364,7 @@ udp6_input(mp, offp, proto)
ipsec6stat.in_polvio++;
goto bad;
}
#endif /*IPSEC*/
#endif /* IPSEC */
/*
* Construct sockaddr format source address.
@ -616,7 +616,6 @@ udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
return error;
}
}
if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
return EISCONN;
s = splnet();

2
sys/netkey/key.h
View File

@ -1,5 +1,5 @@
/* $FreeBSD$ */
/* $KAME: key.h,v 1.20 2001/03/22 08:09:32 itojun Exp $ */
/* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.

8
sys/netkey/key_debug.c
View File

@ -678,7 +678,7 @@ void
kdebug_sockaddr(addr)
struct sockaddr *addr;
{
struct sockaddr_in *sin;
struct sockaddr_in *sin4;
#ifdef INET6
struct sockaddr_in6 *sin6;
#endif
@ -692,9 +692,9 @@ kdebug_sockaddr(addr)
switch (addr->sa_family) {
case AF_INET:
sin = (struct sockaddr_in *)addr;
printf(" port=%u\n", ntohs(sin->sin_port));
ipsec_hexdump((caddr_t)&sin->sin_addr, sizeof(sin->sin_addr));
sin4 = (struct sockaddr_in *)addr;
printf(" port=%u\n", ntohs(sin4->sin_port));
ipsec_hexdump((caddr_t)&sin4->sin_addr, sizeof(sin4->sin_addr));
break;
#ifdef INET6
case AF_INET6:

2
usr.sbin/faithd/README
View File

@ -1,7 +1,7 @@
Configuring FAITH IPv6-to-IPv4 TCP relay
Kazu Yamamoto and Jun-ichiro itojun Hagino
$KAME: README,v 1.7 2001/04/25 11:25:19 itojun Exp $
$KAME: README,v 1.8 2001/09/05 03:04:20 itojun Exp $
$FreeBSD$
Introduction

21
usr.sbin/faithd/faithd.8
View File

@ -1,4 +1,4 @@
.\" $KAME: faithd.8,v 1.30 2001/05/24 20:47:56 itojun Exp $
.\" $KAME: faithd.8,v 1.33 2001/09/05 03:04:20 itojun Exp $
.\"
.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
.\" All rights reserved.
@ -267,6 +267,9 @@ permit the connection.
.Pp
The directives are evaluated in sequence,
and the first matching entry will be effective.
If there is no match
.Pq if we reach the end of the ruleset
the traffic will be denied.
.Pp
With inetd mode,
traffic may be filtered by using access control functionality in
@ -297,15 +300,15 @@ as follows:
If you would like to provide local telnet service via
.Xr telnetd 8
on
.Pa /usr/local/v6/libexec/telnetd ,
.Pa /usr/libexec/telnetd ,
use the following command line:
.Bd -literal -offset
# faithd telnet /usr/local/v6/libexec/telnetd telnetd
# faithd telnet /usr/libexec/telnetd telnetd
.Ed
.Pp
If you would like to pass extra arguments to the local daemon:
.Bd -literal -offset
# faithd ftp /usr/local/v6/libexec/ftpd ftpd -l
# faithd ftp /usr/libexec/ftpd ftpd -l
.Ed
.Pp
Here are some other examples.
@ -314,8 +317,8 @@ You may need
to translate rsh/rlogin services.
.Bd -literal -offset
# faithd ssh
# faithd login /usr/local/v6/libexec/rlogin rlogind
# faithd shell /usr/local/v6/libexec/rshd rshd
# faithd login /usr/libexec/rlogin rlogind
# faithd shell /usr/libexec/rshd rshd
.Ed
.Pp
However, you should be careful when translating rlogin or rsh
@ -377,9 +380,9 @@ on error.
.%A Jun-ichiro itojun Hagino
.%A Kazu Yamamoto
.%T "An IPv6-to-IPv4 transport relay translator"
.%R internet draft
.%N draft-ietf-ngtrans-tcpudp-relay-04.txt
.%O work in progress material
.%B RFC3142
.%O ftp://ftp.isi.edu/in-notes/rfc3142.txt
.%D June 2001
.Re
.\"
.Sh HISTORY

186
usr.sbin/faithd/faithd.c
View File

@ -1,4 +1,4 @@
/* $KAME: faithd.c,v 1.39 2001/04/25 11:20:42 itojun Exp $ */
/* $KAME: faithd.c,v 1.46 2002/01/24 16:40:42 sumikawa Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@ -35,9 +35,8 @@
* User level translator from IPv6 to IPv4.
*
* Usage: faithd [<port> <progpath> <arg1(progname)> <arg2> ...]
* e.g. faithd telnet /usr/local/v6/sbin/telnetd telnetd
* e.g. faithd telnet /usr/libexec/telnetd telnetd
*/
#define HAVE_GETIFADDRS
#include <sys/param.h>
#include <sys/types.h>
@ -73,9 +72,7 @@
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#ifdef HAVE_GETIFADDRS
#include <ifaddrs.h>
#endif
#ifdef FAITH4
#include <resolv.h>
@ -98,7 +95,7 @@ struct myaddrs {
struct sockaddr *addr;
};
struct myaddrs *myaddrs = NULL;
static char *service;
static const char *service;
#ifdef USE_ROUTE
static int sockfd = 0;
#endif
@ -122,9 +119,6 @@ static void sig_terminate __P((int));
static void start_daemon __P((void));
static void exit_stderr __P((const char *, ...))
__attribute__((__format__(__printf__, 1, 2)));
#ifndef HAVE_GETIFADDRS
static unsigned int if_maxindex __P((void));
#endif
static void grab_myaddrs __P((void));
static void free_myaddrs __P((void));
static void update_myaddrs __P((void));
@ -178,19 +172,19 @@ inetd_main(int argc, char **argv)
sockfd = socket(PF_ROUTE, SOCK_RAW, PF_UNSPEC);
if (sockfd < 0) {
exit_failure("socket(PF_ROUTE): %s", ERRSTR);
exit_failure("socket(PF_ROUTE): %s", strerror(errno));
/*NOTREACHED*/
}
#endif
melen = sizeof(me);
if (getsockname(STDIN_FILENO, (struct sockaddr *)&me, &melen) < 0) {
exit_failure("getsockname: %s", ERRSTR);
exit_failure("getsockname: %s", strerror(errno));
/*NOTREACHED*/
}
fromlen = sizeof(from);
if (getpeername(STDIN_FILENO, (struct sockaddr *)&from, &fromlen) < 0) {
exit_failure("getpeername: %s", ERRSTR);
exit_failure("getpeername: %s", strerror(errno));
/*NOTREACHED*/
}
if (getnameinfo((struct sockaddr *)&me, melen, NULL, 0,
@ -218,7 +212,7 @@ inetd_main(int argc, char **argv)
error = setsockopt(STDIN_FILENO, SOL_SOCKET, SO_OOBINLINE, &on,
sizeof(on));
if (error < 0) {
exit_failure("setsockopt(SO_OOBINLINE): %s", ERRSTR);
exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno));
/*NOTREACHED*/
}
@ -325,17 +319,18 @@ daemon_main(int argc, char **argv)
hints.ai_protocol = 0;
error = getaddrinfo(NULL, service, &hints, &res);
if (error)
exit_stderr("getaddrinfo: %s", gai_strerror(error));
exit_failure("getaddrinfo: %s", gai_strerror(error));
s_wld = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (s_wld == -1)
exit_stderr("socket: %s", ERRSTR);
exit_failure("socket: %s", strerror(errno));
#ifdef IPV6_FAITH
if (res->ai_family == AF_INET6) {
error = setsockopt(s_wld, IPPROTO_IPV6, IPV6_FAITH, &on, sizeof(on));
if (error == -1)
exit_stderr("setsockopt(IPV6_FAITH): %s", ERRSTR);
exit_failure("setsockopt(IPV6_FAITH): %s",
strerror(errno));
}
#endif
#ifdef FAITH4
@ -343,31 +338,32 @@ daemon_main(int argc, char **argv)
if (res->ai_family == AF_INET) {
error = setsockopt(s_wld, IPPROTO_IP, IP_FAITH, &on, sizeof(on));
if (error == -1)
exit_stderr("setsockopt(IP_FAITH): %s", ERRSTR);
exit_failure("setsockopt(IP_FAITH): %s",
strerror(errno));
}
#endif
#endif /* FAITH4 */
error = setsockopt(s_wld, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (error == -1)
exit_stderr("setsockopt(SO_REUSEADDR): %s", ERRSTR);
exit_failure("setsockopt(SO_REUSEADDR): %s", strerror(errno));
error = setsockopt(s_wld, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on));
if (error == -1)
exit_stderr("setsockopt(SO_OOBINLINE): %s", ERRSTR);
exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno));
error = bind(s_wld, (struct sockaddr *)res->ai_addr, res->ai_addrlen);
if (error == -1)
exit_stderr("bind: %s", ERRSTR);
exit_failure("bind: %s", strerror(errno));
error = listen(s_wld, 5);
if (error == -1)
exit_stderr("listen: %s", ERRSTR);
exit_failure("listen: %s", strerror(errno));
#ifdef USE_ROUTE
sockfd = socket(PF_ROUTE, SOCK_RAW, PF_UNSPEC);
if (sockfd < 0) {
exit_stderr("socket(PF_ROUTE): %s", ERRSTR);
exit_failure("socket(PF_ROUTE): %s", strerror(errno));
/*NOTREACHED*/
}
#endif
@ -419,7 +415,7 @@ play_service(int s_wld)
if (error < 0) {
if (errno == EINTR)
goto again;
exit_failure("select: %s", ERRSTR);
exit_failure("select: %s", strerror(errno));
/*NOTREACHED*/
}
@ -433,7 +429,7 @@ play_service(int s_wld)
s_src = accept(s_wld, (struct sockaddr *)&srcaddr,
&len);
if (s_src == -1) {
exit_failure("socket: %s", ERRSTR);
exit_failure("socket: %s", strerror(errno));
/*NOTREACHED*/
}
@ -462,9 +458,9 @@ play_child(int s_src, struct sockaddr *srcaddr)
{
struct sockaddr_storage dstaddr6;
struct sockaddr_storage dstaddr4;
char src[MAXHOSTNAMELEN];
char dst6[MAXHOSTNAMELEN];
char dst4[MAXHOSTNAMELEN];
char src[NI_MAXHOST];
char dst6[NI_MAXHOST];
char dst4[NI_MAXHOST];
int len = sizeof(dstaddr6);
int s_dst, error, hport, nresvport, on = 1;
struct timeval tv;
@ -480,7 +476,7 @@ play_child(int s_src, struct sockaddr *srcaddr)
error = getsockname(s_src, (struct sockaddr *)&dstaddr6, &len);
if (error == -1) {
exit_failure("getsockname: %s", ERRSTR);
exit_failure("getsockname: %s", strerror(errno));
/*NOTREACHED*/
}
@ -501,7 +497,8 @@ play_child(int s_src, struct sockaddr *srcaddr)
dup2(0, 2);
}
execv(serverpath, serverarg);
syslog(LOG_ERR, "execv %s: %s", serverpath, ERRSTR);
syslog(LOG_ERR, "execv %s: %s", serverpath,
strerror(errno));
_exit(EXIT_FAILURE);
} else {
close(s_src);
@ -579,38 +576,38 @@ play_child(int s_src, struct sockaddr *srcaddr)
break;
}
if (s_dst < 0) {
exit_failure("socket: %s", ERRSTR);
exit_failure("socket: %s", strerror(errno));
/*NOTREACHED*/
}
if (conf->src.a.ss_family) {
if (bind(s_dst, (struct sockaddr *)&conf->src.a,
if (bind(s_dst, (const struct sockaddr *)&conf->src.a,
conf->src.a.ss_len) < 0) {
exit_failure("bind: %s", ERRSTR);
exit_failure("bind: %s", strerror(errno));
/*NOTREACHED*/
}
}
error = setsockopt(s_dst, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on));
if (error < 0) {
exit_failure("setsockopt(SO_OOBINLINE): %s", ERRSTR);
exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno));
/*NOTREACHED*/
}
error = setsockopt(s_src, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));
if (error < 0) {
exit_failure("setsockopt(SO_SNDTIMEO): %s", ERRSTR);
exit_failure("setsockopt(SO_SNDTIMEO): %s", strerror(errno));
/*NOTREACHED*/
}
error = setsockopt(s_dst, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));
if (error < 0) {
exit_failure("setsockopt(SO_SNDTIMEO): %s", ERRSTR);
exit_failure("setsockopt(SO_SNDTIMEO): %s", strerror(errno));
/*NOTREACHED*/
}
error = connect(s_dst, sa4, sa4->sa_len);
if (error < 0) {
exit_failure("connect: %s", ERRSTR);
exit_failure("connect: %s", strerror(errno));
/*NOTREACHED*/
}
@ -653,7 +650,7 @@ faith_prefix(struct sockaddr *dst)
mib[3] = IPV6CTL_FAITH_PREFIX;
size = sizeof(struct in6_addr);
if (sysctl(mib, 4, &faith_prefix, &size, NULL, 0) < 0) {
exit_failure("sysctl: %s", ERRSTR);
exit_failure("sysctl: %s", strerror(errno));
/*NOTREACHED*/
}
@ -749,7 +746,8 @@ map4to6(struct sockaddr_in *dst4, struct sockaddr_in6 *dst6)
hints.ai_protocol = 0;
if ((ai_errno = getaddrinfo(host, serv, &hints, &res)) != 0) {
syslog(LOG_INFO, "%s %s: %s", host, serv, gai_strerror(ai_errno));
syslog(LOG_INFO, "%s %s: %s", host, serv,
gai_strerror(ai_errno));
return 0;
}
@ -787,7 +785,7 @@ start_daemon(void)
#endif
if (daemon(0, 0) == -1)
exit_stderr("daemon: %s", ERRSTR);
exit_stderr("daemon: %s", strerror(errno));
#ifdef SA_NOCLDWAIT
memset(&sa, 0, sizeof(sa));
@ -797,13 +795,13 @@ start_daemon(void)
sigaction(SIGCHLD, &sa, (struct sigaction *)0);
#else
if (signal(SIGCHLD, sig_child) == SIG_ERR) {
exit_failure("signal CHLD: %s", ERRSTR);
exit_failure("signal CHLD: %s", strerror(errno));
/*NOTREACHED*/
}
#endif
if (signal(SIGTERM, sig_terminate) == SIG_ERR) {
exit_failure("signal TERM: %s", ERRSTR);
exit_failure("signal TERM: %s", strerror(errno));
/*NOTREACHED*/
}
}
@ -848,27 +846,9 @@ exit_success(const char *fmt, ...)
}
#ifdef USE_ROUTE
#ifndef HAVE_GETIFADDRS
static unsigned int
if_maxindex()
{
struct if_nameindex *p, *p0;
unsigned int max = 0;
p0 = if_nameindex();
for (p = p0; p && p->if_index && p->if_name; p++) {
if (max < p->if_index)
max = p->if_index;
}
if_freenameindex(p0);
return max;
}
#endif
static void
grab_myaddrs()
{
#ifdef HAVE_GETIFADDRS
struct ifaddrs *ifap, *ifa;
struct myaddrs *p;
struct sockaddr_in6 *sin6;
@ -920,94 +900,6 @@ grab_myaddrs()
}
freeifaddrs(ifap);
#else
int s;
unsigned int maxif;
struct ifreq *iflist;
struct ifconf ifconf;
struct ifreq *ifr, *ifrp, *ifr_end;
struct myaddrs *p;
struct sockaddr_in6 *sin6;
size_t siz;
char ifrbuf[sizeof(struct ifreq) + 1024];
maxif = if_maxindex() + 1;
iflist = (struct ifreq *)malloc(maxif * BUFSIZ); /* XXX */
if (!iflist) {
exit_failure("not enough core");
/*NOTREACHED*/
}
if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) {
exit_failure("socket(SOCK_DGRAM)");
/*NOTREACHED*/
}
memset(&ifconf, 0, sizeof(ifconf));
ifconf.ifc_req = iflist;
ifconf.ifc_len = maxif * BUFSIZ; /* XXX */
if (ioctl(s, SIOCGIFCONF, &ifconf) < 0) {
exit_failure("ioctl(SIOCGIFCONF)");
/*NOTREACHED*/
}
close(s);
/* Look for this interface in the list */
ifr_end = (struct ifreq *) (ifconf.ifc_buf + ifconf.ifc_len);
for (ifrp = ifconf.ifc_req;
ifrp < ifr_end;
ifrp = (struct ifreq *)((char *)ifrp + siz)) {
memcpy(ifrbuf, ifrp, sizeof(*ifrp));
ifr = (struct ifreq *)ifrbuf;
siz = ifr->ifr_addr.sa_len;
if (siz < sizeof(ifr->ifr_addr))
siz = sizeof(ifr->ifr_addr);
siz += (sizeof(*ifrp) - sizeof(ifr->ifr_addr));
if (siz > sizeof(ifrbuf)) {
/* ifr too big */
break;
}
memcpy(ifrbuf, ifrp, siz);
switch (ifr->ifr_addr.sa_family) {
case AF_INET:
case AF_INET6:
p = (struct myaddrs *)malloc(sizeof(struct myaddrs)
+ ifr->ifr_addr.sa_len);
if (!p) {
exit_failure("not enough core");
/*NOTREACHED*/
}
memcpy(p + 1, &ifr->ifr_addr, ifr->ifr_addr.sa_len);
p->next = myaddrs;
p->addr = (struct sockaddr *)(p + 1);
#ifdef __KAME__
if (ifr->ifr_addr.sa_family == AF_INET6) {
sin6 = (struct sockaddr_in6 *)p->addr;
if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)
|| IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) {
sin6->sin6_scope_id =
ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]);
sin6->sin6_addr.s6_addr[2] = 0;
sin6->sin6_addr.s6_addr[3] = 0;
}
}
#endif
myaddrs = p;
if (dflag) {
char hbuf[NI_MAXHOST];
getnameinfo(p->addr, p->addr->sa_len,
hbuf, sizeof(hbuf), NULL, 0,
NI_NUMERICHOST);
syslog(LOG_INFO, "my interface: %s %s", hbuf, ifr->ifr_name);
}
break;
default:
break;
}
}
free(iflist);
#endif
}
static void

4
usr.sbin/faithd/faithd.h
View File

@ -1,4 +1,4 @@
/* $KAME: faithd.h,v 1.6 2000/10/05 22:20:37 itojun Exp $ */
/* $KAME: faithd.h,v 1.8 2001/09/05 03:04:21 itojun Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@ -69,6 +69,4 @@ extern void exit_failure __P((const char *, ...))
#define UC(b) (((int)b)&0xff)
#define ERRSTR strerror(errno)
#define FAITH_TIMEOUT (30 * 60) /*second*/

16
usr.sbin/faithd/ftp.c
View File

@ -1,4 +1,4 @@
/* $KAME: ftp.c,v 1.10 2000/09/14 00:23:39 itojun Exp $ */
/* $KAME: ftp.c,v 1.11 2001/07/02 14:36:49 itojun Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@ -103,7 +103,7 @@ ftp_relay(int ctl6, int ctl4)
error = select(256, &readfds, NULL, NULL, &tv);
if (error == -1)
exit_failure("select: %s", ERRSTR);
exit_failure("select: %s", strerror(errno));
else if (error == 0)
exit_failure("connection timeout");
@ -200,7 +200,7 @@ ftp_relay(int ctl6, int ctl4)
}
bad:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
}
static int
@ -330,7 +330,7 @@ ftp_copy(int src, int dst)
}
bad:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
/*NOTREACHED*/
return 0; /* to make gcc happy */
}
@ -504,7 +504,7 @@ ftp_copyresult(int src, int dst, enum state state)
error = setsockopt(wport6, IPPROTO_IPV6, IPV6_FAITH,
&on, sizeof(on));
if (error == -1)
exit_failure("setsockopt(IPV6_FAITH): %s", ERRSTR);
exit_failure("setsockopt(IPV6_FAITH): %s", strerror(errno));
}
#endif
error = bind(wport6, (struct sockaddr *)sin6, sin6->sin6_len);
@ -626,7 +626,7 @@ ftp_copyresult(int src, int dst, enum state state)
error = setsockopt(wport6, IPPROTO_IP, IP_FAITH,
&on, sizeof(on));
if (error == -1)
exit_error("setsockopt(IP_FAITH): %s", ERRSTR);
exit_error("setsockopt(IP_FAITH): %s", strerror(errno));
}
#endif
error = bind(wport6, (struct sockaddr *)sin, sin->sin_len);
@ -685,7 +685,7 @@ ftp_copyresult(int src, int dst, enum state state)
}
bad:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
/*NOTREACHED*/
return 0; /* to make gcc happy */
}
@ -1119,7 +1119,7 @@ ftp_copycommand(int src, int dst, enum state *state)
}
bad:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
/*NOTREACHED*/
return 0; /* to make gcc happy */
}

6
usr.sbin/faithd/prefix.c
View File

@ -1,4 +1,4 @@
/* $KAME: prefix.c,v 1.8 2000/11/24 06:16:56 itojun Exp $ */
/* $KAME: prefix.c,v 1.9 2001/07/02 14:36:49 itojun Exp $ */
/* $FreeBSD$ */
/*
@ -136,8 +136,8 @@ prefix_string(prefix)
static char buf[NI_MAXHOST + 20];
char hbuf[NI_MAXHOST];
if (getnameinfo((struct sockaddr *)&prefix->a, prefix->a.ss_len, hbuf,
sizeof(hbuf), NULL, 0, niflags))
if (getnameinfo((const struct sockaddr *)&prefix->a, prefix->a.ss_len,
hbuf, sizeof(hbuf), NULL, 0, niflags))
return NULL;
snprintf(buf, sizeof(buf), "%s/%d", hbuf, prefix->l);
return buf;

2
usr.sbin/faithd/prefix.h
View File

@ -1,4 +1,4 @@
/* $KAME: prefix.h,v 1.3 2000/11/19 11:45:38 itojun Exp $ */
/* $KAME: prefix.h,v 1.4 2001/09/05 03:04:21 itojun Exp $ */
/* $FreeBSD$ */
/*

10
usr.sbin/faithd/rsh.c
View File

@ -1,4 +1,4 @@
/* $KAME: rsh.c,v 1.5 2001/02/15 17:28:04 itojun Exp $ */
/* $KAME: rsh.c,v 1.7 2001/09/05 01:10:30 itojun Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@ -69,7 +69,7 @@ rsh_relay(int s_src, int s_dst)
tv.tv_usec = 0;
error = select(256, &readfds, NULL, NULL, &tv);
if (error == -1)
exit_failure("select %d: %s", s_src, ERRSTR);
exit_failure("select %d: %s", s_src, strerror(errno));
else if (error == 0)
exit_failure("connection timeout");
@ -102,7 +102,7 @@ relay(int src, int dst)
switch (n) {
case -1:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
case 0:
if (s_rcv == src) {
/* half close */
@ -180,7 +180,7 @@ rsh_dual_relay(int s_src, int s_dst)
error = select(256, &readfds, NULL, NULL, &tv);
if (error == -1)
exit_failure("select 4 sockets: %s", ERRSTR);
exit_failure("select 4 sockets: %s", strerror(errno));
else if (error == 0)
exit_failure("connection timeout");
@ -208,5 +208,5 @@ rsh_dual_relay(int s_src, int s_dst)
/* NOTREACHED */
bad:
exit_failure(ERRSTR);
exit_failure("%s", strerror(errno));
}

15
usr.sbin/faithd/tcp.c
View File

@ -1,4 +1,4 @@
/* $KAME: tcp.c,v 1.5 2000/09/29 03:48:31 sakane Exp $ */
/* $KAME: tcp.c,v 1.8 2001/11/21 07:40:22 itojun Exp $ */
/*
* Copyright (C) 1997 and 1998 WIDE Project.
@ -60,7 +60,7 @@ static fd_set readfds, writefds, exceptfds;
static char atmark_buf[2];
static pid_t cpid = (pid_t)0;
static pid_t ppid = (pid_t)0;
static time_t child_lastactive = (time_t)0;
volatile time_t child_lastactive = (time_t)0;
static time_t parent_lastactive = (time_t)0;
static void sig_ctimeout __P((int));
@ -179,7 +179,7 @@ send_data(int s_rcv, int s_snd, const char *service, int direction)
return;
retry_or_err:
if (errno != EAGAIN)
exit_failure("writing relay data failed: %s", ERRSTR);
exit_failure("writing relay data failed: %s", strerror(errno));
FD_SET(s_snd, &writefds);
}
@ -210,7 +210,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction)
if (error == -1) {
if (errno == EINTR)
continue;
exit_failure("select: %s", ERRSTR);
exit_failure("select: %s", strerror(errno));
} else if (error == 0) {
readfds = oreadfds;
writefds = owritefds;
@ -237,7 +237,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction)
goto oob_read_retry;
exit_failure("reading oob data failed"
": %s",
ERRSTR);
strerror(errno));
}
}
}
@ -251,7 +251,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction)
if (errno == EINTR)
goto relaydata_read_retry;
exit_failure("reading relay data failed: %s",
ERRSTR);
strerror(errno));
/* NOTREACHED */
case 0:
/* to close opposite-direction relay process */
@ -282,7 +282,8 @@ tcp_relay(int s_src, int s_dst, const char *service)
cpid = fork();
switch (cpid) {
case -1:
exit_failure("tcp_relay: can't fork grand child: %s", ERRSTR);
exit_failure("tcp_relay: can't fork grand child: %s",
strerror(errno));
/* NOTREACHED */
case 0:
/* child process: relay going traffic */